WASHINGTON – Cybersecurity officials from the U.S. and United Kingdom accused the Russian government Monday of sponsoring attacks for possible use in espionage or stealing intellectual property from large corporations down to individual homes.
The attacks have targeted computer equipment worldwide such as routers, switches and firewalls, according to the officials from the White House, Department of Homeland Security and FBI, and counterparts in England. The goal of the announcement Monday was to warn corporations and individuals to protect themselves against attacks.
“We hold the Kremlin responsible,” said Jeanette Manfra, assistant secretary for cybersecurity at the Department of Homeland Security.
The officials said the attacks aren’t always for espionage or to steal intellectual property, but to seize control of computer equipment to potentially launch future attacks.
“It’s a tremendous weapon in the hand of an adversary,” said Howard Marshall, FBI’s deputy assistant director for cybersecurity.
The report Monday follows U.S. government identification of cyber attacks from North Korea, Russia and Iran. The U.S. response to China attacks included the $50 billion in threatened trade sanctions, which apply largely to the alleged theft of intellectual property, Joyce said.
“We are pushing back and we’re pushing back hard,” said Rob Joyce, White House special assistant to the president and cybersecurity director.
The campaign launched Monday is designed to encourage companies and individuals to protect their systems including routers, switches and firewalls through changing passwords and configuring their devices to prevent them from being hijacked.
Routers have long been known to be vulnerable to hacking and infiltration. Multiple studies have found that companies often install routers with their default passwords (often simply 1-2-3-4), making them child’s play to break into. In addition, many small and home offices as well as individuals never set up any security on their home routers.
Once a skilled, or even semi-skilled, hacker has accessed a router it can be a simple matter to connect to other networks. Unless the hacker hits a tough firewall or other protective software, they can often wander at will.
The concerns here are two-fold. The first is that the Russians might gain access to data and intellectual property, allowing them to spy on companies and individuals and steal not only their secrets but the data that they use to run their businesses.
The second, which the officials alluded to, is that the Russians could be setting up backdoors that would allow them to take down critical infrastructure such as banking, energy and manufacturing, as a precursor to actual physical war.
Military officials have long worried that the first strike in any “kinetic” war (in which things are actually blown up) could very likely be a cyber strike, knocking out a nation’s infrastructure and making it more difficult for the nation to strike back against missiles and other hostile actions. Russian generals have discussed this as a legitimate form of warfare for years.
“This is a global threat,” Manfra said. “Once you own the router, you own the traffic that is traversing the router.”
The United States and United Kingdom have been tracking the vulnerabilities of these devices and knows of at least two examples of them being targeted.
In November 2016 they saw Russian cyber actors scanning a basic Internet protocol for finding devices that are on Internet networks, looking for vulnerable infrastructure devices such as routers that could be easily hacked.
In 2017 they saw Russian actors using software created by Internet network company Cisco that allows networks to be profiled to scan for vulnerable systems and routers.
“It is fairly widespread and can cover everything from large enterprises to small home offices,” Manfra said.
Read or Share this story: https://usat.ly/2H1MPwJ