Backed hackers targeting critical infrastructure, US, UK cybersecurity officials say

Adjust Comment Print

The U.S., Britain and Australia have accused the Russian government of maliciously targeting global internet equipment for political and economic espionage. It has denied previous accusations that it carried out cyberattacks on other countries.

Russian state-sponsored hackers are seeking to hijack critical network infrastructure devices, USA and British intelligence agencies say.

United Kingdom and U.S. spies issued an unprecedented joint alert over Russian-sponsored cyber attacks on Monday, confirming "millions" of devices have been infected by "hostile" hackers.

"It provides basic infrastructure that they can launch from", one top US official said.

Australia also admonished Russian Federation and accused Kremlin-backed hackers of cyberattacks on hundreds of Australian companies a year ago. "Once you own the router, you own the traffic".

"We don't have full insight into the scope of the compromise", said Jeanette Manfra, a cyber security official for the U.S. Department of Homeland Security. An email message seeking comment from the Russian embassy in Washington, D.C., received no response. The joint report didn't identity any companies that have been affected, or the number of devices that have already been hacked. But its alert cited only one specific product: Cisco's Smart Install software.

The technical alert said the United States government had been receiving information that the cyber actors had been exploiting switches - named by the ACSC as "switches with Cisco Smart Install accessible from the internet, and routers or switches with Simple Network Management Protocol (SNMP) enabled and exposed to the internet" - since 2015.

Street Fighter V: Arcade Edition's New Character Falke Gets a Gameplay Trailer
With her ability to use Psycho Power and infuse objects with it, she's going to be a formidable fighter for sure. Capcom has confirmed that Falke will be coming to Street Fighter V on April 24 for both PlayStation 4 and PC.

Australian government claims "no indication" sensitive data was captured.

"Commercially available routers were used as a point of entry, demonstrating that every connected device is vulnerable to malicious activity", Taylor said.

Globally, this effort had targeted millions of machines to spy on ISP customers, organizations and government agencies.

"Russian government-sponsored actors" accessing passwords, information through routers.

Experts have stressed that the March 15 bulletin did not mean Russian Federation had obtained access to systems that control critical infrastructure such as the power grid.

Previously the two nations have spoken only of attacks "originating from Russia", with lines between Russian criminals and state activity being blurred, but they pinned blame on the Kremlin on this occasion.