Russia is being accused of a massive campaign to undermine the security of firewalls and routers in a bid to support espionage and future attacks.
The accusation comes from UK and U.S. authorities, who have issued a joint cybersecurity alert for the first time ever to warn people of the threat.
“The activity highlighted today is part of a repeated pattern of disruptive and harmful malicious cyber action carried out by the Russian government,” FBI deputy assistant director Howard Marshall said in a statement online.
“As long as this type of activity continues, the FBI will be there to investigate, identify and unmask the perpetrators, in this case, the Russian government,” he said. “We do not make this attribution lightly and will hold steadfast with our partners.”
The warning states that since 2015, authorities have received information about “cyber actors” exploiting large numbers of enterprise-scale and residential routers and switches around the world.
These “cyber actors” are identifying vulnerable devices to break into, where they can extract device configurations, harvest login details, and control the traffic that goes through the router.
“Russia is our most capable hostile adversary in cyberspace so tackling them is a major priority for the National Cyber Security Centre and our U.S. allies,” Ciaran Martin, CEO of the National Cyber Security Centre, said in a statement.
“This is the first time that in attributing a cyber attack to Russia the U.S. and the UK have, at the same time, issued joint advice to industry about how to manage the risks from the attack. It marks an important step in our fight back against state-sponsored aggression in cyberspace.”
The alert details some of the things owners and manufacturers can keep an eye on. Owners are asked to ensure network devices are up to date, change default passwords, and ensure the firmware on the device is from a trusted source.
Manufacturers and ISPs are asked not to support out-of-date, unencrypted, or unauthenticated protocols and services.
“Many of the techniques used by Russia exploit basic weaknesses in network systems. The NCSC is leading the way globally to automate defences at scale to take away some of those basic attacks, thereby allowing us to focus on the most potent threats,” Martin added.