Millions targeted in suspected Russian cyber-attack

Published: 17 April 2018 Image credit: Reuters

Russia

The United Kingdom and the United States have accused Russia of instigating a malicious cyber-attack, which affected ‘millions of machines’, including those in hundreds Australian businesses.

The US Department of Homeland Security (DHS), the Federal Bureau of Investigation (FBI),) and the UK’S National Cyber Security Centre (NCSC) released a ‘joint technical alert’ advising that “Russian state-sponsored cyber actors are targeting network infrastructures” in a widespread attack that may have also affected thousands of Australian systems.

In a statement, the NCSC said attacks were directed at key “network infrastructure devices” such as routers, switches, ISPSs and firewalls.

The alleged intentions of the mass hackings were to “support espionage”, extract information and intellectual property from affected systems and maintain persistent access to “victim networks”, according to British authorities.  

These potential “victim networks” range from small-office and in-home systems to large private and public sector corporations.

“Russian government activities continue to threaten our respective safety, security and the very integrity of our cyber ecosystem,” said Jeanette Manfra, the UK National Protection and Programs Directorate (NPPD) Assistant Secretary for Cybersecurity and Communications.

FBI Deputy Assistant Director Howard Marshall said the activity is a part of a “repeated pattern of disruptive and harmful cyber action” carried out by Russia.

While representatives of the UK and the US were united in strongly condemning the attacks, the Russian government has denied involvement.

“We consider these accusations and speculations as striking examples of a reckless, provocative and unfounded policy against Russia. We are disappointed by the fact that such serious claims have been made publicly,” a representative from the Russian Embassy in London said.

But the UK and US remain steadfast in their accusations, with the UK’S National Cyber Security Centre alleging that one of Russia’s motives was to “potentially lay a foundation for future offensive operations” and that multiple sources support the accusations against Russia.

This is just the latest in a serious of escalating confrontations between Western Allies and Russia, with both US President Trump and Russia’s Foreign Minister Sergey Lavrov recently stating that relations between the superpowers are worse than during the height of the Cold War.

“The situation is worse compared to the classical Cold War since some rules were in force at that time and some decency was in place,” Lavrov said.

As tensions remain high over Russia’s involvement in Syria, its alleged tampering in the 2016 US election and the poisoning of a former Russian spy, the UK and US say that Russia will be held accountable for the cyber-attacks.

“The UK government will continue to work with the US, other international allies and industry partners to expose Russia’s unacceptable cyber behaviour, so they are held accountable for their actions,” Ciaran Martin, CEO of the UK’s National Cyber Security Centre said.

Australian authorities confirmed that while hundreds of business were affected by the attack, there was no indication that any information has been compromised at this point.