‘Millions of machines’ targeted in Russian hack, US and UK say
The United States and Britain have alleged Russian Government-backed hackers have infected computer routers around the world in a cyber espionage campaign targeting government agencies, businesses and critical infrastructure operators.
- Authorities says infected routers could be used for future attacks
- UK says "millions of machines" targeted
- US, UK call on victims to reports any infections found
US and British officials told reporters in a conference call that they planned to issue a joint alert on the attacks, which targeted routers that form a key part of the internet infrastructure in a cyber espionage campaign that could be leveraged in the future to launch offensive attacks.
"When we see malicious cyber activity, whether it be from the Kremlin or other malicious nation-state actors, we are going to push back," said Rob Joyce, the White House cybersecurity coordinator.
The US and British governments said they planned to provide technical details on the attacks so that organisations can determine whether they have been hacked and thwart similar future hacking attempts.
The governments asked victims to report any infections so they could better understand the impact of the campaign.
"We don't have full insight into the scope of the compromise," said Jeanette Manfra, a cybersecurity official for the US Department of Homeland Security.
US and British officials said the infected routers could be used to launch future offensive cyber operations.
"They could be pre-positioning for use in times of tension," said Ciaran Martin, chief executive of the British Government's National Cyber Security Centre, who added that "millions of machines" were targeted.
The White House in February blamed Russia for the devastating "NotPetya" cyber attack in 2017, joining the British Government in condemning Russia for unleashing a virus that crippled parts of Ukraine's infrastructure and damaged computers across the globe.
US intelligence agencies also concluded that Moscow interfered in the 2016 presidential campaign and a federal prosecutor is investigating whether President Donald Trump's campaign colluded with Russians to sway the vote.
Both Moscow and Mr Trump have denied the allegations.
ISPs, private firms, critical infrastructure targeted
The latest attacks affected a wide range of organisations including internet service providers, private-sector firms and critical infrastructure providers, the officials said.
Mr Martin said authorities had been tracking the campaign for about a year and the tactics behind them for longer.
"We in the UK can independently corroborate all of the detection work in this report to validate the assessment of US colleagues, and we can also confirm that all of the attacks mentioned in this report have directly affected the UK," he said.
Ms Manfra said the campaign was widespread and could cover "everything from large enterprises to small home offices".