US, UK say Russia targets internet hardware for espionageApril 17, 2018 4:17am

Washington and London on Monday jointly accused the Russian government of maliciously targeting global internet equipment for political and economic espionage.

The two governments said the Russian operations, which allegedly involve planting malware on internet routers and other equipment, could also lay the foundation for future offensive cyberattacks.

A joint statement by the U.S. Department of Homeland Security, the FBI and the U.K.'s National Cyber Security Centre said the main targets include "government and private-sector organizations," as well as providers of "critical infrastructure" and internet service providers.

"Victims were identified through a coordinated series of actions between U.S. and international partners," according to a companion technical alert issued by the U.S. Computer Emergency Response Team (US-CERT). Both nations have "high confidence" in the finding of Russian-sponsored cyber-meddling, which the alert said has been reported by multiple sources since 2015.

Australia also admonished Russia and accused Kremlin-backed hackers of cyberattacks on hundreds of Australian companies last year.

Respected U.S. cybersecurity researcher Jake Williams said it was difficult for him to understand the motivation for Monday's alert given that "the activity has been ongoing for some time."

"Calling the Russians out on this hardly makes much sense unless there's some other agenda (most likely political)," Williams, the president of Rendition Infosec, added via text message.

Routers direct data traffic across the internet. US-CERT said the compromised routers can be exploited for "man-in-the-middle" spoofing attacks, in which communications are intercepted by a seemingly trusted device that has actually been infiltrated by an attacker.

"The current state of U.S. network devices — coupled with a Russian government campaign to exploit these devices — threatens the safety, security, and economic well-being of the United States," the alert stated. An email message seeking comment from the Russian embassy in Washington, D.C., received no response.

US-CERT urged affected companies, and public sector organizations and even people who use routers in home offices to take action to harden poorly-secured devices. But its alert cited only one specific product: Cisco's Smart Install software.

Australian Defense Minister Marise Payne told reporterse about 400 Australian companies were targeted in the Russian attacks, but there was no "exploitation of significance." The country's cyber security minister, Angus Taylor, said. "This attempt by Russia is a sharp reminder that Australian businesses and individuals are constantly targeted by malicious state and non-state actors."

On March 15, US-CERT issued a similar alert saying the FBI and DHS had determined that Russian government "cyber actors" had sought to infiltrate U.S. agencies as well as "organizations in the energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors." It said Russian agents had obtained "remote access" to energy sector networks and obtained information on industrial control systems.

Experts have stressed that the March 15 bulletin did not mean Russia had obtained access to systems that control critical infrastructure such as the power grid. But Russia does have history in this regard, as many security experts blame it for several cyber-sabotage attacks on Ukraine's power grid.

____

Associated Press writer Rod McGuirk in Canberra, Australia, contributed to this report

Page 1 of 1

More Stories Like This

The undated image provided on Aug. 2, 2017 shows Trinh Xuan Thanh, a businessman and former functionary of Vietnam's Communist Party sitting on a park bench in Berlin, Germany. A Vietnamese man charged with involvement in the kidnapping of the former Vietnamese oil executive Trinh Xuan Thanh in Berlin has gone on trial in the German capital. The 47-year-old, identified only as Long N.H. because of German privacy rules, is charged with espionage and being an accessory to deprivation of liberty. Germany believes the kidnapping was a Vietnamese intelligence operation. (dpa via AP)
Suspect in Vietnamese kidnapping goes on trial in Berlin
Christopher Wylie, the Cambridge Analytica whistleblower, departs after meeting with House Judiciary Democrats, on Capitol Hill, Tuesday, April 24, 2018 in Washington. (AP Photo/Alex Brandon)
House Democrats talk to Cambridge Analytica whistleblower
Closing arguments in fraud trial of former bank executivesFederal prosecutors say four former Wilmington Trust Corporation executives knew they were misleading banking regulators and investors by concealing the truth about the bank's imploding commercial loan portfolio following the 2008 financial crisis
Defense attacks prosecution case in bank execs fraud trialDefense attorneys are continuing to hammer away at prosecutors' claims in the federal fraud and conspiracy trial of four former Wilmington Trust Corporation executives
Los Angeles firm fined over lead-tainted jewelryA Los Angeles company accused of selling jewelry for children that contained dangerous levels of toxic lead and cadmium has been fined $1.6 million
FILE - In this Jan. 23 2018 file photo, MoneySavingExpert founder Martin Lewis  poses for a photo at the NTA show, in London. A personal finance expert is suing Facebook at Britain's High Court, claiming the social media company is allowing the publication of scam ads featuring his name, it was reported on Monday, April 23, 2018. Lewis, who founded the MoneySavingExpert website, says his name has appeared on more than 50 advertisements in the last year, many of them get-rich-quick scams to con people. (Ian West/ PA via AP, File)
Financial expert taking Facebook to UK court over fake ads
This component is currently unavailable.
AdChoices

Related Searches

Related Searches

AdChoices