U.S. along with U.K. Warn of Cybersecurity Threat by Russia
Ciaran Martin, chief executive of Britain’s National Cyber Security Center, said Russia had targeted “millions” of devices in both countries, often seeking to hack into individual homes or modest businesses or to control their routers.
“Once you own the router, you own all the traffic, to include the chance to harvest credentials along with passwords,” said Howard Marshall, deputy assistant director of the cyber division at the Federal Bureau of Investigation. “that will can be a tremendous weapon from the hands of an adversary.”
In particular, both governments said, the Russians were seeking to exploit the increasing popularity of internet-connected devices around homes along with businesses — the so-called internet of things — “the kind of thing you along with I have in our homes,” Mr. Joyce said.
The officials said the Kremlin was often utilizing what were known as man-in-the-middle attacks, in which hackers secretly inserted themselves into the exchange of data between a computer or server in order to eavesdrop, collect confidential information, misdirect payments or further compromise security.
“Russian state-sponsored actors are using compromised routers to conduct spoofing ‘man-in-the-middle’ attacks to support espionage, extract intellectual property, maintain persistent access to victim networks along with potentially lay a foundation for future offensive operations,” the British government said in a prepared statement. “Multiple sources including private along with public-sector cybersecurity research organizations along with allies have reported that will activity to the U.S. along with U.K. governments.”
yet the officials said that will the extent of Russia’s successful penetration of Western computer networks was not fully clear, nor was the Kremlin’s ultimate intent. Russia might be tapping into millions of home or modest business computers along with some other devices to gain the ability to use them later in a coordinated attack on government computers or critical infrastructure, the officials said.
The goal “can be not always to steal information,” Mr. Joyce said. “Sometimes that will can be to facilitate some other operations” or “for further aggressive acts.”
The warnings issued Monday, including the Discharge of technical guidance to businesses along with individuals, had been from the works for a long period along with do not reflect any response to recent events, the officials said. yet the finger pointing toward Moscow also comes at a moment of escalating tensions.
Russian diplomats have castigated the United States, Britain along with France for their airstrikes last week on what they said were chemical weapons facilities in Syria, where the Kremlin can be backing the government of President Bashar al-Assad. Russia along with the Western governments have also recalled diplomats in a back along with forth over British accusations that will the Kremlin used a nerve agent to try to assassinate a former Russian spy living near London.
In Washington, both Democrats along with Republicans have criticized President Trump for what they say can be his reluctance to hold Russia accountable for its hacking of the Democrats during the 2016 presidential election; American intelligence agencies have also blamed the Kremlin for those attacks.
Against that will backdrop, Washington along with London have been moving together for months to publicize allegations of some other malicious cyberactivities by the Kremlin. In February, they blamed Russia for a cyberattack the previous June that will was known by the name NotPetya. Initially aimed at Ukraine, the attack spread through computer networks around the entire world, doing what the White House said was billions of dollars in damages from the United States, Europe along with Asia.
Both the United States along with Britain have accused the Kremlin of trying to penetrate the electrical grid in both countries, although without yet doing any damage.
After describing the Russian threats, officials of both governments on Monday repeatedly urged individuals along with businesses to better protect their own networks. “We need to place as much emphasis on security as we do on ease along with functionality,” Mr. Joyce urged manufacturers.
Continue reading the main story