UK and US warn of Rus­sia cy­ber at­tacks in a joint state­ment

Western Mail - - NEWS - GAVIN COR­DON news­desk@waleson­

BRITAIN and the United States have is­sued an un­prece­dented for­mal warn­ing about “ma­li­cious cy­ber ac­tiv­ity” by the Rus­sian gov­ern­ment.

The UK Na­tional Cy­ber Se­cu­rity Cen­tre (NCSC) joined with the FBI and US Depart­ment of Home­land Se­cu­rity to is­sue a joint “tech­ni­cal alert” set­ting out the threat to in­dus­try.

It warns Rus­sian state-spon­sored ac­tors are us­ing “com­pro­mised routers” to con­duct spoof­ing “man-in-the-mid­dle” at­tacks to “sup­port es­pi­onage, ex­tract in­tel­lec­tual prop­erty, main­tain per­sis­tent ac­cess to vic­tim net­works and po­ten­tially lay a foun­da­tion for fu­ture of­fen­sive op­er­a­tions”.

A joint UK-US state­ment said “mul­ti­ple sources” – in­clud­ing pri­vate and pub­lic sec­tor cy­ber se­cu­rity re­search or­gan­i­sa­tions and al­lies – had re­ported such ac­tiv­ity to the US and UK gov­ern­ments.

It said the cur­rent state of US and UK net­work de­vices, cou­pled with a Rus­sian gov­ern­ment cam­paign to ex­ploit these de­vices, “threat­ens our re­spec­tive safety, se­cu­rity, and eco­nomic well­be­ing”.

NCSC chief ex­ec­u­tive Ciaran Mar­tin said: “Rus­sia is our most ca­pa­ble hos­tile ad­ver­sary in cy­berspace, so deal­ing with their at­tacks is a ma­jor pri­or­ity for the Na­tional Cy­ber Se­cu­rity Cen­tre and our US al­lies.

“This is the first time that, in at­tribut­ing a cy­ber at­tack to Rus­sia, the US and the UK have at the same time is­sued joint ad­vice to in­dus­try about how to man­age the risks from at­tacks.

“It marks an im­por­tant step in our fight back against state­spon­sored ag­gres­sion in cy­berspace. For over 20 years, GCHQ has been track­ing the key Rus­sian cy­ber at­tack groups and to­day’s joint UK-US alert shows that the threat has not gone away.

“The UK Gov­ern­ment will con­tinue to work with the US, other in­ter­na­tional al­lies and in­dus­try part­ners to ex­pose Rus­sia’s un­ac­cept­able cy­ber be­hav­iour so they are held ac­count­able for their ac­tions.

“Many of the tech­niques used by Rus­sia ex­ploit ba­sic weak­nesses in net­work sys­tems. The NCSC is lead­ing the way glob­ally to is­sue ad­vice and au­to­mate de­fences at scale to re­move those ba­sic at­tacks, thereby al­low­ing us to fo­cus on the most po­tent threats.”

The joint state­ment said the tar­gets of at­tacks have been pri­mar­ily gov­ern­ment and pri­vate sec­tor or­gan­i­sa­tions, crit­i­cal in­fras­truc­ture providers and the in­ter­net ser­vice providers (ISPs) which sup­port these sec­tors. Specif­i­cally, it said they had been di­rected at net­work in­fras­truc­ture de­vices world­wide such as routers, switches, fire­walls and net­work in­tru­sion de­tec­tion sys­tems (NIDS).

> Ciaran Mar­tin

Newspapers in English

Newspapers from UK

© PressReader. All rights reserved.