UK and US authorities unite to ‘hold Russia to account’ for sustained cyber offensive

Written by Sam Trendall on 16 April 2018 in News

UK National Cyber Security Centre teams up with FBI and others to issue advice in light of malicious exploits targeting network hardware – including consumer routers

The Kremlin is behind a long-term campaign of malicious cyber activity, UK and US authorities have said

After calling out the Kremlin for undertaking a sustained campaign of cyberattacks, UK and US intelligence services have hailed “a significant moment in the transatlantic fightback against Russia’s aggressive activity in cyberspace”.

The UK National Cyber Security Centre (NCSC) has united with the FBI and the US Department of Homeland Security to issue an “alert about malicious cyber activity carried out by the Russian government”.

The attribution of this activity to Russia follows reports from “multiple sources”, representing cybersecurity research bodies in both the public and private sectors.

“We at the NCSC have been tracking some of these attacks for around a year, and the groups behind them for longer than that,” the organisation’s chief executive Ciaran Martin told reporters on a conference call today.

Russian state-sponsored activity has reportedly been targeted at government entities and private companies – including providers of critical national infrastructure, and internet service providers. The joint statement indicated that attacks have been aimed at network hardware devices, including routers, switches, firewalls, and network intrusion-detection systems. 

Related content

The statement said: “The current state of US and UK network devices, coupled with a Russian government campaign to exploit these devices, threatens our respective safety, security, and economic well-being.”

The attacks have also included concerted attempts to breach consumer and small business devices as a way into the network.

“We have high confidence that Russia has carried out a coordinated campaign to gain access to SOHO (small office/home office) and residential routers,” White House cybersecurity coordinator Rob Joyce told journalists.

Some attacks have seen actors working on behalf of Russia target “compromised routers” to execute ‘man-in-the-middle’ attacks. These incursions are so called because perpetrators effectively insert themselves between two systems that communicate with one another and intercept the information being relayed.

The exploits that have perpetrated by Russia in recent months are being undertaken “to support espionage, extract intellectual property, maintain persistent access to victim networks, and potentially lay a foundation for future offensive operations,” today’s statement said. 

Jeanette Manfra, the foremost cybersecurity official at the Department of Homeland Security, explained that, if you can control routers, you can control traffic, which means that the future threat from Russia could take several forms.

“[Routers] could be used to generate traffic for a DDoS attack, but also for espionage or for offensive cyber campaigning,” she added.

A large number of the Russian exploits could be defended against by adherence to best security practice, the security agencies indicated. To this end, UK and US authorities will be issuing a report containing information on how businesses and individuals can best protect themselves against cyberthreats.

NCSC chief Martin said: “This is a significant moment in the transatlantic fightback against Russia’s aggressive activity in cyberspace. We have called it out before, but never have we joined together… to give advice to industry and citizens.”

He added: “This a very significant moment – we are holding Russia to account, and improving our defences at the same time."


About the author

Sam Trendall is editor of PublicTechnology

Share this page




Please login to post a comment or register for a free account.

Related Articles

Ex-Whitehall top dog to join board of defence and security firm
27 June 2022

Former cabinet secretary Mark Sedwill has landed a non-executive role at BAE Systems

Government sets up £20m compensation pot for victims who fought to expose Post Office IT scandal
30 June 2022

Increased funding is set to more than double the money received by those who brought group legal action – with more support to follow

Russia: sanctions tightened on exports of monitoring and military tech
24 June 2022

New measures prohibit supply of any tech used for ‘internal repression’

Dundee opens doors on £18m cybersecurity R&D facility
20 June 2022

Government-backed hub aims to create jobs and improve resilience