Russia-Backed Hackers Accused Of Global Cyberattacks

UK and UK are warning that Russia has been hacking routers worldwide

Treasury Sanctions Iranian Cyber Actors for Malicious Cyber-Enabled Activities Targeting Hundreds of Universities

The report "provides information on the worldwide cyber exploitation of network infrastructure devices (e.g., router, switch, firewall, Network-based Intrusion Detection System (NIDS) devices) by Russian state-sponsored cyber actors".

In a first-of-its-kind joint statement, released on Tuesday, the officials said they had "high confidence" that Russian state-sponsored cyber actors "are using compromised routers to conduct man-in-the-middle attacks to support espionage, extract intellectual property, maintain persistent access to victim networks, and potentially lay a foundation for future offensive operations".

White House cybersecurity coordinator Rob Joyce said the United States and its allies had "high confidence" that Russian Federation was behind the campaign.

Russian government-sponsored hackers are compromising the key hardware of government and business computer networks in like routers and firewalls, giving them virtual control of data flows, the US and Britain warned Monday. For owners, they're asked to ensure network devices are up-to-date, change default passwords, and ensure the firmware on the device is from a trusted source.

While the United Kingdom and USA have been quick to point fingers in the direction of the Kremlin, the Russia Embassy has denied any involvement and has slammed the "accusations" as "striking examples of a reckless, provocative and unfounded policy against Russia". Finally, the alert outlined what erratic hardware behavior should indicate a device has been compromised.

SpaceX Rocket Launching NASA's TESS Exoplanet Hunter Today
An artist's illustration of NASA's Transiting Exoplanet Survey Satellite ( TESS ) hunting for alien worlds. GNC stands for guidance, navigation and control.

The alert urges network device vendors, ISPs, public sector organisations and private corporations of all sizes to read it and act on the recommended mitigation strategies.

Ciaran Martin, head of the NCSC, said Russian Federation was: "our most capable hostile adversary in cyber-space, so dealing with their attacks is a major priority for the National Cyber Security Centre and our United States allies".

Russian Federation is being accused of a massive campaign to undermine the security of firewalls and routers in a bid to support espionage and future attacks.

"We'll continue to follow the actions of our Russian adversaries and we'll bring every tool to bear against them in every corner of cyber space", said Howard Marshall, Deputy Assistant Director of the Cyber Division at the Federal Bureau of Investigation.

The U.S. Department of Homeland Security said the hacking was part of a broad operation dubbed Grizzly Steppe, which DHS says comprises concerting cyberattacks by Moscow's civilian and military intelligence agencies.

Latest News