Britain and the US have issued a formal alert about “malicious cyber activity” by Russia amid warnings that relations with Moscow have hit an all-time low. The UK National Cyber Security Centre (NCSC) combined with the FBI and the US Department of Homeland Security to issue an unprecedented joint “technical alert” setting out the threat across the public and private sectors.
Officials said the move had been planned for “some time” and was not directly related to the US-led missiles strikes over the weekend on Russia’s ally Syria.
However NCSC chief executive Ciaran Martin said it was a “significant moment” in the fight-back against Russian aggression in cyberspace while the White House vowed to use “all elements of national power” to combat the threat.
It came as Russian foreign minister Sergey Lavrov warned East-West relations are now worse than during the Cold War following the Syria strikes and the bitter diplomatic row over the Salisbury nerve agent attack.
A joint UK-US statement said the state of US and UK network devices, coupled with a Russian government campaign to exploit these devices, “threatens our respective safety, security and economic well-being”.
In a joint briefing with US officials, Mr Martin said they had seen the “sustained targeting of multiple entities” over a series of months with millions of machines around the word being targeted.
Russian state-sponsored actors were said to be using “compromised routers” to conduct spoofing “man-in-the-middle” attacks to “support espionage… and potentially lay a foundation for future offensive operations”.
Mr Martin said: “They are around trying to seize control over connectivity so, in the case of targeting providers of internet services, it is about gaining access to their customers to try to gain control over the devices to allow them not just to spy on the primary organization but the organizations they connect to.”
White House cyber security coordinator Rob Joyce said: “Once you own the router, you own all the traffic to include the ability to harvest credentials and passwords and essentially monitor all the traffic. It is a tremendous weapon in the hands of an adversary.”
While Mr Martin said most targeting of the UK had been aimed at government bodies and critical national infrastructure, US officials said everything “from large enterprises to small home offices” could be affected.