UK and US authorities unite to ‘hold Russia to account’ for sustained cyber offensive

Written by Sam Trendall on 16 April 2018 in News

UK National Cyber Security Centre teams up with FBI and others to issue advice in light of malicious exploits targeting network hardware – including consumer routers

The Kremlin is behind a long-term campaign of malicious cyber activity, UK and US authorities have said

After calling out the Kremlin for undertaking a sustained campaign of cyberattacks, UK and US intelligence services have hailed “a significant moment in the transatlantic fightback against Russia’s aggressive activity in cyberspace”.

The UK National Cyber Security Centre (NCSC) has united with the FBI and the US Department of Homeland Security to issue an “alert about malicious cyber activity carried out by the Russian government”.

The attribution of this activity to Russia follows reports from “multiple sources”, representing cybersecurity research bodies in both the public and private sectors.

“We at the NCSC have been tracking some of these attacks for around a year, and the groups behind them for longer than that,” the organisation’s chief executive Ciaran Martin told reporters on a conference call today.

Russian state-sponsored activity has reportedly been targeted at government entities and private companies – including providers of critical national infrastructure, and internet service providers. The joint statement indicated that attacks have been aimed at network hardware devices, including routers, switches, firewalls, and network intrusion-detection systems. 

Related content

The statement said: “The current state of US and UK network devices, coupled with a Russian government campaign to exploit these devices, threatens our respective safety, security, and economic well-being.”

The attacks have also included concerted attempts to breach consumer and small business devices as a way into the network.

“We have high confidence that Russia has carried out a coordinated campaign to gain access to SOHO (small office/home office) and residential routers,” White House cybersecurity coordinator Rob Joyce told journalists.

Some attacks have seen actors working on behalf of Russia target “compromised routers” to execute ‘man-in-the-middle’ attacks. These incursions are so called because perpetrators effectively insert themselves between two systems that communicate with one another and intercept the information being relayed.

The exploits that have perpetrated by Russia in recent months are being undertaken “to support espionage, extract intellectual property, maintain persistent access to victim networks, and potentially lay a foundation for future offensive operations,” today’s statement said. 

Jeanette Manfra, the foremost cybersecurity official at the Department of Homeland Security, explained that, if you can control routers, you can control traffic, which means that the future threat from Russia could take several forms.

“[Routers] could be used to generate traffic for a DDoS attack, but also for espionage or for offensive cyber campaigning,” she added.

A large number of the Russian exploits could be defended against by adherence to best security practice, the security agencies indicated. To this end, UK and US authorities will be issuing a report containing information on how businesses and individuals can best protect themselves against cyberthreats.

NCSC chief Martin said: “This is a significant moment in the transatlantic fightback against Russia’s aggressive activity in cyberspace. We have called it out before, but never have we joined together… to give advice to industry and citizens.”

He added: “This a very significant moment – we are holding Russia to account, and improving our defences at the same time."


About the author

Sam Trendall is editor of PublicTechnology

Share this page




Please login to post a comment or register for a free account.

Related Articles

Ex-intelligence chief ‘appalled’ at ministers’ use of private messages
1 June 2023

Former GCHQ and Home Office leader David Omand expresses disapproval of use of WhatsApp and other platforms for government business

Interview: CDDO chief Lee Devlin on the ‘move from being disruptive to collaborative’
23 May 2023

In the first of a series of exclusive interviews, the head of government’s ‘Digital HQ’ talks to PublicTechnology about the Central Digital and Data Office’s work to unlock £8bn...

WhatsApp and private email banned for government use at higher security tiers
13 April 2023

Officials are warned that, if they choose to use non-corporate channels, they must 'be prepared to defend your choices'

ICO urges Capita customers to ‘check their position’ after 90 organisations report data breaches
31 May 2023

Technology services firm has revealed two data-compromising incidents in recent week


Related Sponsored Articles

Proactive defence: A new take on cyber security
16 May 2023

The traditional reactive approach to cybersecurity, which involves responding to attacks after they have occurred, is no longer sufficient. Murielle Gonzalez reports on a webinar looking at...