Now Russians target UK families
Experts fear hackers will hijack home computers for attack
TENS of thousands of British families’ computers have been targeted by Russia – potentially paving the way for a devastating cyber attack, security chiefs warned last night.
They fear the Kremlin is trying to identify vulnerabilities allowing it to ‘lay a foundation for future offensive operations’ that could cripple Britain.
The concern is that Russia could take control of these devices then use them to overload vital infrastructure systems such as banks, water supplies, energy networks, emergency services and even the Armed Forces.
A so-called ‘man-in-the-middle’ attack could be carried out anonymously because the Government would not know who had hacked into these systems in UK homes.
Security chiefs said they feared Moscowbacked hackers were trying to create a ‘tremendous weapon’ to unleash in ‘times of tension’. Yesterday Britain’s eavesdropping agency GCHQ, the White House and the FBI launched an unprecedented joint alert about ‘malicious cyber activity’ carried out across the globe by the Kremlin.
They warned that Moscow was mounting a campaign to exploit vulnerable devices and threaten ‘our respective safety, security, and economic well-being’. It followed a warning on Sunday that Vladimir Putin was ready to retaliate for the Western strike on Syria, where Bashar al-Assad’s regime is backed by Russia.
Britain has been tracking the online activity for more than a year, Ciaran Martin of the National Cyber Security Centre (NCSC) said.
Kremlin- sponsored actors were said to be using ‘compromised routers’ to conduct ‘spoofing’ – when the attacker hides their identity – to ‘support espionage… and potentially lay a foundation for future offensive operations’.
In a highly unusual transatlantic telephone briefing, Mr Martin said: ‘These are millions of machines being globally targeted. They are around trying to seize control over connectivity.
‘In the case of targeting providers of internet services, it’s about gaining access to their customers to try to gain control over the devices to allow them.
‘The purpose of these attacks could be espionage, it could be the theft of intellectual property, it could be positioning or use in times of tension. All of the attacks have directly affected the UK.’
He said there had been attacks ‘directly targeted at the UK, the UK Government and critical, national services’.
Howard Marshall, of the FBI, said US government experts had found themselves ‘unwittingly on the frontline of the battle’ against Moscow’s cyber attacks. He said that, if Russia were able to hack into a wireless router then ‘own
it’, hackers could monitor all the traffic going through it. ‘It is a tremendous weapon,’ he said. However, Rob Joyce, a White House cyber security co-ordinator, warned the Kremlin that the US and Britain would respond to any attack. The UK has carried out a huge cyber offensive against Islamic State but it is not known whether it has yet engaged in an online war with Russia. Mr Joyce said: ‘ When we see malicious cyber activity whether from the Kremlin or other state actors we are going to push back. ‘We are pushing back hard. Cyber activity must be stopped and opposed at every turn.’ He said they were confident Russia had carried out a ‘ co-ordinated campaign to gain access to enterprise, small office routers and residential routers – the kind of things you and I have in our homes.’ The NCSC, FBI and US department of homeland security warned that Russian statesponsored actors were trying to spy on individuals, industries and the Government.
A joint UK-US statement said ‘multiple sources’ – including private and public sector cyber security research organisations and allies – had reported such activity to governments.
Mr Martin said: ‘ Russia is our most capable hostile adversary in cyberspace so dealing with their attacks is a major priority.
He said the joint alert ‘marks an important step in our fight back against state-sponsored aggression in cyber space’.
A Government spokesman said: ‘This is yet another example of Russia’s disregard for international norms and global order – this time through a campaign of cyber espionage and aggression, which attempts to disrupt governments and de-stabilise business. The attribution of this malicious activity sends a clear message to Russia – we know what you are doing and you will not succeed.’
‘Must be stopped and opposed at every turn’