US, UK say Russia targets Internet hardware for espionage

Washington and London jointly accused the Russian government of maliciously targeting global Internet equipment for political and economic espionage. (Shutterstock)
Updated 17 April 2018
0

US, UK say Russia targets Internet hardware for espionage

  • A joint statement by the US Department of Homeland Security, the FBI and the UK’s National Cyber Security Center said the main targets include “government and private-sector organizations”
  • Australia also admonished Russia and accused Kremlin-backed hackers of cyberattacks on hundreds of Australian companies last year

Washington and London on Monday jointly accused the Russian government of maliciously targeting global Internet equipment for political and economic espionage.
The two governments said the Russian operations, which allegedly involve planting malware on Internet routers and other equipment, could also lay the foundation for future offensive cyberattacks.
A joint statement by the US Department of Homeland Security, the FBI and the UK’s National Cyber Security Center said the main targets include “government and private-sector organizations,” as well as providers of “critical infrastructure” and Internet service providers.
“Victims were identified through a coordinated series of actions between US and international partners,” according to a companion technical alert issued by the US Computer Emergency Response Team (US-CERT). Both nations have “high confidence” in the finding of Russian-sponsored cyber-meddling, which the alert said has been reported by multiple sources since 2015.
Australia also admonished Russia and accused Kremlin-backed hackers of cyberattacks on hundreds of Australian companies last year.
Respected US cybersecurity researcher Jake Williams said it was difficult for him to understand the motivation for Monday’s alert given that “the activity has been ongoing for some time.”
“Calling the Russians out on this hardly makes much sense unless there’s some other agenda (most likely political),” Williams, the president of Rendition Infosec, added via text message.
Routers direct data traffic across the Internet. US-CERT said the compromised routers can be exploited for “man-in-the-middle” spoofing attacks, in which communications are intercepted by a seemingly trusted device that has actually been infiltrated by an attacker.
“The current state of US network devices — coupled with a Russian government campaign to exploit these devices — threatens the safety, security, and economic well-being of the United States,” the alert stated. An email message seeking comment from the Russian embassy in Washington, D.C., received no response.
US-CERT urged affected companies, and public sector organizations and even people who use routers in home offices to take action to harden poorly-secured devices. But its alert cited only one specific product: Cisco’s Smart Install software.
Australian Defense Minister Marise Payne told reporterse about 400 Australian companies were targeted in the Russian attacks, but there was no “exploitation of significance.” The country’s cybersecurity minister, Angus Taylor, said. “This attempt by Russia is a sharp reminder that Australian businesses and individuals are constantly targeted by malicious state and non-state actors.”
On March 15, US-CERT issued a similar alert saying the FBI and DHS had determined that Russian government “cyber actors” had sought to infiltrate US agencies as well as “organizations in the energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors.” It said Russian agents had obtained “remote access” to energy sector networks and obtained information on industrial control systems.
Experts have stressed that the March 15 bulletin did not mean Russia had obtained access to systems that control critical infrastructure such as the power grid. But Russia does have history in this regard, as many security experts blame it for several cyber-sabotage attacks on Ukraine’s power grid.


Britain identifies Russians suspected of Skripal nerve attack — report

Updated 7 min 53 sec ago
0

Britain identifies Russians suspected of Skripal nerve attack — report

LONDON: British police have identified several Russians who they believe were behind the nerve agent attack on former double agent Sergei Skripal and his daughter, the Press Association reported on Thursday, citing a source close to the investigation.
Skripal, a former colonel in Russian military intelligence who betrayed dozens of agents to Britain’s MI6 foreign spy service, and his daughter Yulia, were found unconscious on a public bench in the British city of Salisbury on March 4.
Britain blamed Russia for the poisonings and identified the poison as Novichok, a deadly group of nerve agents developed by the Soviet military in the 1970s and 1980s. Russia has repeatedly denied any involvement in the attack.
After analyzing closed-circuit television, police think several Russians were involved in the attack on the Skripals, who spent weeks in hospital before being spirited to a secret location, Press Association reported.
“Investigators believe they have identified the suspected perpetrators of the Novichok attack,” the unidentified source close to the investigation said, according to PA.
“They (the investigators) are sure they (the suspects) are Russian,” said the source, adding security camera images had been cross checked with records of people who entered the country.
A police spokesman declined to comment on the report.
After the attack on the Skripals, allies in Europe and the US sided with Britain’s view of the attack and ordered the biggest expulsion of Russian diplomats since the height of the Cold War.
Russia retaliated by expelling Western diplomats. Moscow has repeatedly denied any involvement and accused the British intelligence agencies of staging the attack to stoke anti-Russian hysteria.
Mystery surrounds the attack.
The motive for attacking Skripal, an aged Russian traitor who was exchanged in a Kremlin-approved spy swap in 2010, is still unclear, as is the motive for using of an exotic nerve agent which has such overt links to Russia’s Soviet past.
Novichok put the Skripals into a coma, though after weeks in intensive care they were spirited to a secret location for their safety.
“My life has been turned upside down,” Yulia Skripal told Reuters in May. “Our recovery has been slow and extremely painful.”
A British woman, Dawn Sturgess, died this month after coming across a small bottle containing Novichok near the city of Salisbury where the Skripals were struck down. Her partner, Charlie Rowley, is still in hospital.
A British police officer was also injured by Novichok while attending to the Skripals in March.