US, UK ac­cuse Rus­sia of in­ter­net es­pi­onage

Mal­ware found on routers, equip­ment

Bangkok Post - - WORLD -

MOSCOW: Wash­ing­ton and Lon­don on Mon­day jointly ac­cused the Rus­sian gov­ern­ment of ma­li­ciously tar­get­ing global in­ter­net equip­ment for po­lit­i­cal and eco­nomic es­pi­onage.

The two gov­ern­ments said the Rus­sian op­er­a­tions, which al­legedly in­volve plant­ing mal­ware on in­ter­net routers and other equip­ment, could also lay the foun­da­tion for fu­ture of­fen­sive cy­ber at­tacks.

A joint state­ment by the US Depart­ment of Home­land Se­cu­rity, the FBI and the UK’s Na­tional Cy­ber Se­cu­rity Cen­tre said the main tar­gets in­clude “gov­ern­ment and pri­vate-sec­tor or­gan­i­sa­tions,’’ as well as providers of “crit­i­cal in­fras­truc­ture’’ and in­ter­net ser­vice providers.

“Vic­tims were iden­ti­fied through a co­or­di­nated se­ries of ac­tions be­tween US and in­ter­na­tional part­ners,’’ ac­cord­ing to a com­pan­ion tech­ni­cal alert is­sued by the US Com­puter Emer­gency Re­sponse Team (USCert). Both na­tions have “high con­fi­dence’’ in the find­ing of Rus­sian-spon­sored cy­ber­med­dling, which the alert said has been re­ported by mul­ti­ple sources since 2015.

Aus­tralia also ad­mon­ished Rus­sia and ac­cused Krem­lin-backed hack­ers of cy­ber at­tacks on hun­dreds of Aus­tralian com­pa­nies last year.

Re­spected US cy­ber­se­cu­rity re­searcher Jake Williams said it was dif­fi­cult for him to un­der­stand the mo­ti­va­tion for Mon­day’s alert given that “the ac­tiv­ity has been on­go­ing for some time’’.

“Call­ing the Rus­sians out on this hardly makes much sense un­less there’s some other agenda [most likely po­lit­i­cal],’’ Mr Williams, the pres­i­dent of Ren­di­tion In­fosec, added via text mes­sage.

Routers di­rect data traf­fic across the in­ter­net. US-Cert said the com­pro­mised routers can be ex­ploited for “man-in-themid­dle’’ spoof­ing at­tacks, in which com­mu­ni­ca­tions are in­ter­cepted by a seem­ingly trusted de­vice that has ac­tu­ally been in­fil­trated by an at­tacker.

“The cur­rent state of US net­work de­vices — cou­pled with a Rus­sian gov­ern­ment cam­paign to ex­ploit these de­vices — threat­ens the safety, se­cu­rity, and eco­nomic well-be­ing of the United States,’’ the alert stated. An email mes­sage seek­ing com­ment from the Rus­sian em­bassy in Wash­ing­ton, DC, re­ceived no re­sponse.

US-Cert urged af­fected com­pa­nies, and pub­lic sec­tor or­gan­i­sa­tions and even peo­ple who use routers in home of­fices to take ac­tion to harden poorly-se­cured de­vices. But its alert cited only one spe­cific prod­uct: Cisco’s Smart In­stall soft­ware.

Aus­tralian De­fence Min­is­ter Marise Payne told re­porters about 400 Aus­tralian com­pa­nies were tar­geted in the Rus­sian at­tacks, but there was no “ex­ploita­tion of sig­nif­i­cance’’. The coun­try’s cy­ber se­cu­rity min­is­ter, An­gus Tay­lor, said. “This at­tempt by Rus­sia is a sharp re­minder that Aus­tralian busi­nesses and in­di­vid­u­als are con­stantly tar­geted by ma­li­cious state and non-state ac­tors.’’

On March 15, US-Cert is­sued a sim­i­lar alert say­ing the FBI and DHS had deter­mined that Rus­sian gov­ern­ment “cy­ber ac­tors’’ had sought to in­fil­trate US agen­cies as well as “or­gan­i­sa­tions in the en­ergy, nu­clear, com­mer­cial fa­cil­i­ties, wa­ter, avi­a­tion, and crit­i­cal man­u­fac­tur­ing sec­tors.’’ It said Rus­sian agents had ob­tained “re­mote ac­cess’’ to en­ergy sec­tor net­works and ob­tained in­for­ma­tion on in­dus­trial con­trol sys­tems.

Ex­perts have stressed that the March 15 bul­letin did not mean Rus­sia had ob­tained ac­cess to sys­tems that con­trol crit­i­cal in­fras­truc­ture such as the power grid. But Rus­sia does have his­tory in this re­gard, as many se­cu­rity ex­perts blame it for sev­eral cy­ber-sab­o­tage at­tacks on Ukraine’s power grid.


Rus­sian Pres­i­dent Vladimir Putin chairs a meet­ing of the Se­cu­rity Coun­cil at the Krem­lin in Moscow, Rus­sia Oc­to­ber 26, 2017.

Newspapers in English

Newspapers from Thailand

© PressReader. All rights reserved.