Government bodies, businesses and critical infrastructure providers are being targeted by Russian cyber attacks, UK and US cyber authorities have warned.
The National Cyber Security Centre (NCSC), in a joint statement with the US Department of Homeland Security and FBI, said the Russian state is targeting network infrastructure, including wifi routers and internet firewalls.
The three authorities have published a joint technical alert that recommended public sector organisations and businesses check their network security and take steps to protect themselves.
Ciaran Martin, CEO of NCSC, said: “Russia is our most capable hostile adversary in cyberspace so tackling them is a major priority for the [NCSC] and our US allies.
“This is the first time that in attributing a cyber attack to Russia the US and the UK have, at the same time, issued joint advice to industry about how to manage the risks from the attack. It marks an important step in our fight back against state-sponsored aggression in cyberspace.”
In the advisory, the authorities warned the Russian state was exploiting out-of-date or unencrypted protocols or authenticated services, networked devices that have not been sufficiently protected before installation, and legacy devices no longer supported by manufacturer security patches.
Network infrastructure is the “ideal target” the alert said, because “most or all organisational and customer traffic must traverse these critical devices”. “Own the router, own the traffic,” it said.
Once exploited, these hacks can allow login details and other credentials to be harvested, activity to be monitored, device firmware or operating systems to be modified and online traffic to be routed through Russian controlled infrastructure.
Businesses have been advised to review their device logs for suspicious logins and traffic flow, change default passwords and disable legacy or unencrypted protocols.
Firms should also specify in contracts with their internet service providers that they will always be given supported hardware and receive regular security updates.
☛ Want to stay up to date with the news? Sign up to our daily bulletin.