US, UK warn against Russia-sponsored cyber-attacks

San Francisco : Cyber security representatives from the US and Britain have warned of Russian state-sponsored cyber-attacks that are targeting network infrastructure devices such as routers and firewalls, to compromise government and private sectors globally.

According to a US Computer Emergency Response Team (US-CERT), the Technical Alert (TA) provided information on the worldwide cyber exploitation of network infrastructure devices (routers, switches, firewalls, Network-based Intrusion Detection Systems) by Russian state-sponsored cyber actors.

The joint TA is the result of analytic efforts between the US Department of Homeland Security (DHS), the Federal Bureau of Investigation (FBI), and the UK’s National Cyber Security Centre, according to information on the official website of the DHS.

“Victims were identified through a coordinated series of actions between US and international partners. The report builds on previous DHS reporting and advisories from the UK, Australia and the European Union,” the website said.

“The FBI has high confidence that Russian state-sponsored cyber actors are using compromised routers to conduct man-in-the-middle attacks to support espionage, extract intellectual property, maintain persistent access to victim networks, and potentially lay a foundation for future offensive operations,” the website added.

Since 2015, the US government has been receiving information from multiple sources — including private and public sector cyber security research organisations and allies — that cyber actors were exploiting large numbers of enterprise-class and residential routers and switches worldwide.

The US government assessed that cyber actors supported by the Russian government carried out this worldwide campaign.

These operations enable espionage and intellectual property that supports the Russian Federation’s national security and economic goals, the website said.

Russian cyber actors leverage a number of legacy or weak protocols and service ports associated with network administration activities.

Cyber actors use these weaknesses to identify vulnerable devices, extract device configurations, harvest login credentials, modify device firmware, and copy or redirect victim traffic through Russian cyber-actor-controlled infrastructure.

Organisations can use publicly available cyber security guidance and best practices from DHS, allied governments, vendors and the private-sector cyber security community on mitigation strategies for the exploitation vectors to safeguard their networks.


Also read-


Please enter your comment!
Please enter your name here

Related Stories

Russia and Turkey sends another humanitarian aid to Gaza

Moscow : Russia on Friday sent another cargo plane containing 25 tons of humanitarian aid for the people of the besieged Gaza Strip. The Il-76...

Why is Russia compelled to buy BrahMos?

By Haider Abbas India is taking deft diplomatic steps, to even buy Chinese Yuan, in order to pay Russia for its crude oil, but Russia...

Turkey’s Erdogan says ready to host Putin in August

Ankara : Turkish President Recep Tayyip Erdogan he is ready to host his Russian counterpart Vladimir Putin in Ankara next month for talks on...

Criminal case opened in Russia following Quran desecration

MOSCOW : The Russian Investigative Committee said Friday it has opened a criminal case against a 28-year-old Egyptian citizen after he published a video,...
ATHENS : A group of UN experts called for full and independent investigations into crimes committed in Israel and Palestine in a joint statement on Monday. Urging Israel, the Palestinian Authority in the West Bank and authorities in Gaza to...
By Asad Mirza Last week, veteran Dutch anti-Islam politician Geert Wilders vowed to be Prime Minister of the Netherlands eventually, following an election in which his party won the most seats. Wilders vowed on X: “I will be prime minister.” In a...
OVIEDO, Spain / LONDON : EU foreign policy chief Josep Borell said on Monday that without a Palestinian state, there will be “no peace or security for Israel.” Borrell is in Barcelona for the eighth ministerial forum of the Union...
Srinagar : Seven students of an agricultural university have been arrested here under the Unlawful Activities Prevention Act (UAPA) for allegedly raising objectionable slogans and celebrating the Indian cricket team’s loss in the World Cup final, officials said on...
Tel Aviv : Hamas had initially planned its October 7 cross-border onslaught for the eve of Passover, but cancelled the attack after Israel raised the alert level, Israeli media reported. Military intelligence caught the early signs of an attack on...