Kremlin in cyber attack on Brits
TENS of thousands of British families’ computers have been targeted by Russia – potentially paving the way for a devastating cyber attack, security chiefs warned yesterday.
They fear the Kremlin is trying to identify vulnerabilities allowing it to “lay a foundation for future offensive operations” that could cripple Britain.
The concern is that Russia could take control of these devices then use them to overload vital infrastructure systems such as banks, water supplies, energy networks, emergency services and even the armed forces.
A so-called “man in the middle” attack could be carried out anonymously because the government would not know who had hacked into these systems in UK homes.
Security chiefs said they feared Moscow-backed hackers were trying to create a “tremendous weapon” to unleash in “times of tension”.
Yesterday Britain’s eavesdropping agency GCHQ, the White House and the FBI launched an unprecedented joint alert about “malicious cyber activity” carried out worldwide by the Kremlin.
They warned Moscow was mounting a campaign to exploit vulnerable devices and threaten “our respective safety, security and economic wellbeing”. It followed a warning on Sunday that Russian President Vladimir Putin was ready to retaliate for the Western strike on Syria, where Bashar al-Assad’s regime is backed by Russia.
Britain has been tracking the online activity for more than a year, Ciaran Martin of the National Cyber Security Centre said.
Kremlin-sponsored actors were said to be using “compromised routers” to conduct “spoofing” – when the attacker hides their identity – to “support
THE PURPOSE OF THESE ATTACKS COULD BE ESPIONAGE, IT COULD BE THE THEFT OF INTELLECTUAL PROPERTY
espionage … and potentially lay a foundation for future offensive operations”.
In a highly unusual transAtlantic telephone briefing, Mr Martin said: “These are millions of machines being globally targeted. They are around trying to seize control over connectivity.
“In the case of targeting providers of internet services, it’s about gaining access to their customers to try to gain control over the devices. The purpose of these attacks could be espionage, it could be the theft of intellectual property, it could be positioning for use in times of tension.”
NATIONAL CYBER SECURITY CENTRE