Russia is using compromised computer network equipment to attack U.S. and British companies and government agencies, the two countries warned in an unprecedented joint alert.
The warning on Monday came from the U.S. Department of Homeland Security, the Federal Bureau of Investigation and Britain’s National Cyber Security Center. It included advice to companies about what they can do to protect themselves and warned specifically of attacks on routers, the devices that channel data around a network.
“Russian state-sponsored actors are using compromised routers to conduct spoofing ‘man-in-the-middle’ attacks to support espionage, extract intellectual property, maintain persistent access to victim networks and potentially lay a foundation for future offensive operations,” according to a joint statement. “Multiple sources including private and public-sector cybersecurity research organizations and allies have reported this activity to the U.S. and U.K. governments.”
U.S. and U.K. relations with Vladimir Putin’s administration are at a low, following the use of a nerve agent to poison a former double agent in Britain in March and the U.S.-led bombing of Syria over the weekend. Britain’s GCHQ intelligence agency had already warned that Russia was using its cyber capabilities to target democracies.
Over the weekend, the Pentagon said Russian “trolling” activity increased 2,000 percent in the wake of the Syria strike.
“Russia is our most capable hostile adversary in cyberspace,” said Ciaran Martin, chief executive officer of Britain’s NCSC. “Many of the techniques used by Russia exploit basic weaknesses in network systems.”