You are here: Home » News-IANS » Defence-Security
Business Standard

US, UK warn against Russia-sponsored cyber-attacks

IANS  |  San Francisco 

Cyber representatives from the US and Britain have warned of Russian state-sponsored cyber-attacks that are targeting such as routers and firewalls, to compromise government and private sectors globally.

According to a US Computer Emergency Response Team (US-CERT), the Technical Alert (TA) provided information on the worldwide cyber exploitation of (routers, switches, firewalls, Network-based Intrusion Detection Systems) by Russian state-sponsored cyber actors.

The joint TA is the result of analytic efforts between the US Department of Homeland (DHS), the (FBI), and the UK's National Cyber Centre, according to information on the official website of the DHS.

"Victims were identified through a coordinated series of actions between US and international partners. The report builds on previous DHS reporting and advisories from the UK, and the European Union," the website said.

"The FBI has high confidence that Russian state-sponsored cyber actors are using compromised routers to conduct man-in-the-middle attacks to support espionage, extract intellectual property, maintain persistent access to victim networks, and potentially lay a foundation for future offensive operations."

Since 2015, the has been receiving information from multiple sources -- including private and public sector cyber security research organisations and allies -- that cyber actors were exploiting large numbers of enterprise-class and and switches worldwide.

The government assessed that cyber actors supported by the carried out this worldwide campaign.

These operations enable espionage and intellectual property that supports the Russian Federation's and economic goals, the website said.

Russian cyber-actors leverage a number of legacy or weak protocols and service ports associated with network administration activities.

Cyber-actors use these weaknesses to identify vulnerable devices, extract device configurations, harvest login credentials, modify device firmware, and copy or redirect victim traffic through Russian cyber-actor-controlled infrastructure.

Organisations can use publicly available cyber security guidance and best practices from DHS, allied governments, vendors and the private-sector cyber security community on mitigation strategies for the exploitation vectors to safeguard their networks.

Meanwhile, an expert from cyber security company said that has repeatedly leveraged to protect its interests, especially when the country's prestige as a military superpower is threatened.

"For instance, when their place in was embarrassingly lost, they lashed out with a campaign to undermine the legitimacy of the games, ultimately culminating in an attempt to disrupt the events themselves," John Hultquist, at FireEye, said in a statement.

"As in the Olympics, is already seeking to undermine the legitimacy of the strikes through we suspect are tied to the (IRA). They could complement these campaigns with targeted leaks as they did during the US elections."

Furthermore, more aggressive options such as could be employed, though they may be considered too escalatory, Hultquist added.



(Only the headline and picture of this report may have been reworked by the Business Standard staff; the rest of the content is auto-generated from a syndicated feed.)

First Published: Tue, April 17 2018. 18:04 IST