Hackers backed by the Russian government are waging a campaign of “malicious cyber activity” targeting “compromised routers,” the U.S. and British intelligence communities said in a joint statement released Monday.
“The targets of this malicious cyber activity are primarily government and private-sector organisations, critical infrastructure providers, and the internet service providers (ISPs) supporting these sectors,” said the U.K.’s National Cyber Security Center in the statement, released in conjunction with the FBI and U.S. Department of Homeland Security.
“Russian state-sponsored actors are using compromised routers to conduct spoofing ’man-in-the-middle’ attacks to support espionage, extract intellectual property, maintain persistent access to victim networks, and potentially lay a foundation for future offensive operations,” the statement added.
Intelligence officials said that information from “multiple sources” in both the private and public sectors led to the issuing of the security alert.
“Many of the techniques used by Russia exploit basic weaknesses in network systems,” said Ciaran Martin, who heads the Cyber Security Centre. “The NCSC is leading the way globally to automate defences at scale to take away some of those basic attacks, thereby allowing us to focus on the most potent threats.”
“The activity highlighted today is part of a repeated pattern of disruptive and harmful malicious cyber action carried out by the Russian government,” said Howard Marshall, FBI Deputy Assistant Director. “As long as this type of activity continues, the FBI will be there to investigate, identify and unmask the perpetrators, in this case, the Russian government.”
• Ken Shepherd can be reached at kshepherd@washingtontimes.com.
Please read our comment policy before commenting.