On Monday, the United States and Great Britain warned that Russian government-backed hackers began a global cyber-attack on government agencies, businesses and critical infrastructure operators in 2015. Their joint statement asserted, “Specifically, these cyber-exploits were directed at network infrastructure devices worldwide such as routers, switches, firewalls, network intrusion detection system. Russian state-sponsored actors are using compromised routers to conduct spoofing ‘man-in-the-middle’ attacks to support espionage, extract intellectual property, maintain persistent access to victim networks and potentially lay a foundation for future offensive operations.”
Rob Joyce, the White House cyber security coordinator, said, “When we see malicious cyber activity, whether it be from the Kremlin or other malicious nation-state actors, we are going to push back.” Ciaran Martin, the chief executive of the NCSC, said, “This is a very significant moment as we hold Russia to account.”
In February, the United States accused Russia of launching the “NotPetya” cyber attack in 2017 that unleashed a virus that crippled parts of Ukraine’s infrastructure and damaged computers across the globe. American and British officials said at the time that the attacks affected a wide range of organizations including internet service providers, private businesses and critical infrastructure providers.
In March, the Trump administration accused Russia of mounting attacks on the energy grid.
Britain and the United States hope their announcement will persuade victims to share information with government investigators. Reuters reported that the warning included an alert that infected routers could be used to launch future offensive cyber operations. Ciaran Martin, chief executive of the British government’s National Cyber Security Centre cyber defense agency, said, “They could be pre-positioning for use in times of tension.”
One senior U.S. official lamented, “It’s harder to track, attribute and respond immediately to a cyber attack ... than it is to know who fired a missile.”