On Monday, the U.S. and U.K. issued a series of joint statements warning about an ongoing Russian cyber campaign that aimed to support Russian intelligence gathering and even future offensive operations within the two nations.
The hacking effort has been targeting network infrastructure devices like routers, as well as “critical infrastructure” providers and even internet service providers themselves.
“Once you own the router, you own the traffic traversing the router,” chief Homeland Security cyber official Jeanette Manfra said, who characterized the cyber offensive as a “fairly broad campaign” that dates back to at least 2015.
Both nations cite Russia specifically in the headline of their bulletins, though it is important to note that Defense Officials have used the phrase “high confidence” to describe their level of certainty that the Russian government itself has been funding the effort. That assertion will almost certainly fuel the fire of conspiracy theorists claiming Russia is being targeted by Western powers.
Russia has also claimed that a nerve agent attack on a Russian turncoat in Salisbury, England last month was a hoax, that the chemical attack that prompted an international response in Syria last week never occurred, and even that Syrian defenses intercepted the inbound air strikes that destroyed several structures belonging to Assad’s Syrian regime last Friday. In each instance, Russia has provided no evidence to support their claims, which often even contradict one another, but that hasn’t stopped many of these Russian-sourced conspiracy theories from gaining traction in social media.
Russian government activities continue to threaten our respective safety, security, and the very integrity of our cyber ecosystem.” The U.K.’s Jeanette Manfra, National Protection and Programs Directorate (NPPD) Assistant Secretary for Cybersecurity and Communications, said.
“We condemn this latest activity in the strongest possible terms and we will not accept nor tolerate any malign foreign cyber operations, intrusions, or compromises — to include influence operations.”
FBI Deputy Assistant Director Howard Marshall also offered his assessment of the effort, and unlike other officials who tiptoed who were willing to place the blame for the effort on Russian based hackers but shied away from placing the blame on the Kremlin itself, Marshall left no room for confusion in characterizing who he considers to be responsible for the campaign.
The activity highlighted today is part of a repeated pattern of disruptive and harmful malicious cyber action carried out by the Russian government,” he said.
As long as this type of activity continues, the FBI will be there to investigate, identify and unmask the perpetrators, in this case, the Russian government. The joint Technical Alert released today underscores our commitment to working with our partners, both at home and abroad, to combat malicious cyber activity and hold those responsible accountable. We do not make this attribution lightly and will hold steadfast with our partners.”
Soon after the joint U.K./U.S. release, Australia issued its own statement supporting the claims of its allies and citing evidence of the same campaign within Australian borders. According to their experts, up to 400 different businesses may have been targeted in the Russian campaign.
This attempt by Russia is a sharp reminder that Australian businesses and individuals are constantly targeted by malicious state and non-state actors, and we must maintain rigorous cyber security practices,” Minister for Law Enforcement and Cyber Security Angus Taylor said.
Image courtesy of Wikimedia Common