The US and UK have issued an “unprecedented joint alert” regarding an increase in Russian cyber attacks against American and British companies and government operations. The Russian cyber attacks are said to have infected millions of computers especially in the US, UK, and Australia.
The Joint Statement
Great Britain’s National Cyber Security Center (NCSC) joined the US Department of Homeland Security and the Federal Bureau of Investigations to issue a warning to businesses on Monday regarding the cyber attacks that are believed to have infected “millions of machines.”
The joint statement pointed out what the Russian cyber attacks are targeting, “Specifically, these cyber exploits are directed at network infrastructure devices worldwide such as routers, switches, firewalls, and the Network Intrusion Detection System (NIDS).” Authorities are especially concerned about attacks on routers.
The statement also indicated who should be on the lookout for a cyber attack, “Network device vendors, ISPs, public sector organisations, private sector corporations and small-office/home-office customers should read the alert (TA18-106A) and act on the recommended mitigation strategies.”
The three agencies explained in the joint statement who is issuing the attack and why:
Russian state-sponsored actors are using compromised routers to conduct spoofing ‘man-in-the-middle’ attacks to support espionage, extract intellectual property, maintain persistent access to victim networks and potentially lay a foundation for future offensive operations. Multiple sources including private and public-sector cybersecurity research organizations and allies have reported this activity to the U.S. and U.K. governments.
The agencies also announced that the Russian cyber attacks have not been used to target election systems ahead of US midterm elections this coming November.
The agencies also offered advice on how to keep your network safe. Most importantly, by making sure your passwords are secure and your router software is up-to-date.
Both governments said they will be providing future details on the attacks to help organizations determine whether they have fallen victim to the Russian cyber attacks. They also asked victims to report any details on the attacks they have available to assist the FBI and NCSC in better understanding the attacks.
A New Cold War?
Both the US and UK are facing greater strains in their relationship with Russia. Many sources, including President Donald Trump and António Guterres, Secretary General of the UN, have compared the growing tensions to the Cold War era.
Last month, Russia is believed to have been behind the poisoning of a former double agent and his daughter in the UK, which led to a massive diplomatic backlash from the US, UK, EU, and other nations. More recently, the joint UK, US, France attack against Putin ally Assad’s chemical weapons manufacturing centers in Syria has escalated the dangerously tense relationship even further, with Russian authorities claiming the alleged chemical attack was staged to stoke anti-Russian sentiments and destabilize international peace. Additionally, the election fraud and violations recorded in last month’s elections in Russia which catapulted Putin into another six years in office raised even more questions about the government in Moscow.
Now, it seems cyberattacks from Russia are the latest chapter in the growing possibility of another Cold War, raising questions on how technology could impact a Cold War like conflict.
Although Moscow denies involvement in the cyber attacks, the Pentagon has announced that Russian “trolling” has increased 2000% since the strikes on Assad’s chemical manufacturing facilities in Syria.
“NotPetya” Attacks
This is hardly the first time Russia has been accused of leading cyber attacks against US, UK, and Australian companies. In 2017, Russia was blamed for the “NotPetya” attacks which targeted Ukraine, but spread across the world. The attack was meant to destabilize the financial system in Ukraine as the Eastern European country is still enmeshed in a war against separatists in the east loyal to Moscow. The CIA was able to pinpoint the Russian military as mounting the attack. Putin denied the claim that the Kremlin was orchestrating the attacks, but did say “patriotically minded hackers” could have been behind the cyber attacks.
Alexander Lyamin, who heads a Moscow based cyber security firm, denied Russian government involvement, instead saying, the US is predisposed to cyber attacks because vulnerable routers are popular in the US. He also said the attacks are being used against Russia and ally Iran.
Tough Rhetoric
Stoking more fears of a new Cold War, spokespersons for the three agencies at Monday’s press conference did not hesitate to use tough rhetoric against Russia. Ciaran Martin, chief executive officer of NCSC told reporters, “Many of the techniques used by Russia exploit basic weaknesses in network systems. The Russian cyber attack capability is a global problem.” Martin went on to say, “Russia is our most capable hostile adversary in cyberspace.”
Deputy Director Assistant of the FBI, Howard Marshall did not mince any words in labeling Russia as the perpetrator of the attacks, “It’s a tremendous weapon in the hands of an adversary.” He also said, “As long as this type of activity continues, the FBI will be there to investigate, identify and unmask the perpetrators, in this case, the Russian Government.”
Australia Falls Victim
Australia was a victim of the 2017 NotPetya attacks as well as more recent Russian cyber attacks.
Australian Defense Minister Marise Payne indicated that 400 businesses in Australia have been targeted by the Russian cyber attacks. She said, “The Australian Cyber Security Centre … believes that potentially 400 Australian companies were targeted, but don’t believe there has been any exploitation of significance.”
Australian Cyber Security Minister Angus Taylor has also spoken up about the threat, but said there is little evidence information had been compromised. He did, however, say Australia is aware of who launched the attacks, “We know that they were behind these attacks and that’s a very important escalation.” He did not indicate whether Australia would be taking action against Russia in response, but said Russia should take full responsibility.
Although no significant data seems to have been stolen, Australians should still be weary. Fergus Hanson of the International Cyber Policy Centre, said Moscow could have been accessing the networks, not to initially steal data, but to lay the groundwork for future attacks.
