The governmental bodies of both nations warn that compromised routers can be used in future cyber attacks.
On Monday, the United States and the United Kingdom issued a joint statement, alleging that hackers linked to the Russian government have gained access to routers across the globe, with the purpose of cyber espionage. The attack targeted businesses, government agencies, and infrastructure operators of critical importance.
United States and United Kingdom officials stated during a conference that this campaign could be further expanded in the following time period to gain a foothold in networks and execute a more extensive series of cyber attacks.
Rob Joyce, cybersecurity coordinator at the White House, stated that they intend to ‘push back,’ regardless of the hacker group’s associated government.
In February, the US government placed the blame on the Russian government for the ‘NotPetya’ offensive cyber campaign, which took place in 2017 with devastating results. The affected devices were crippled by a virus, and the damage was so extensive in Ukraine that it caused a blackout in large parts of the country’s infrastructure.
The intelligence services of the United States came to the conclusion that the Russian government interfered with the presidential elections of 2016. In addition, US President Donald Trump is currently under investigation by federal prosecutors, in order to establish whether or not there was collusion between Moscow and the POTUS to skew the vote results. Both President Trump and Russia have denied these accusations.
On Monday, The US and the UK have released a joint report that includes the technical details and specifics of the attack, as well as suggestion on mitigating the damage. It is hoped that the report will provide companies the means to defend themselves against future attacks.
Additionally, the publishers of the report are asking victims to come forward with any information regarding the attack, in order to gain more of an understanding of the campaign. As Department of Homeland Security official Jeanette Manfra said, they do not yet know the full extent of the damage, but it can cover anything from small home routers to large enterprise networks.
The chief executive of the UK’s National Cyber Security Centre, Ciaran Martin, expressed his concern that the compromised routers could later be used to execute cyber attacks on a much larger scale. Martin added that the “millions of machines” that were targeted could be used to gain a foothold in networks.
Ciaran Martin further states that they have been keeping a close eye on the cyber campaign for around a year, and its underlying tactics for longer. The chief executive said that the report serves as a means to corroborate findings on the attack, adding that they can confirm that the attack ‘directly affected’ both the UK and the US alike.