Russia-backed hackers are attacking network equipment around the globe, say US and Britain
The attacks have affected a range of organisations including internet service providers, private businesses and critical infrastructure providers, officials said
The United States and Britain on Monday warned of a global cyberattack targeting routers and other networking equipment, blaming Russian government-backed hackers for the campaign on government agencies, businesses and critical infrastructure operators.
Washington and London issued a joint alert, saying the widespread, global campaign began in 2015 and could be escalated to launch offensive attacks.
A senior US official, speaking on condition of anonymity, said there had been a steady increase in Russian cyberattacks in recent years.
“It’s harder to track, attribute and respond immediately to a cyberattack … than it is to know who fired a missile,” the official said.
The alert comes two months after the United States and Britain accused Russia of carrying out the damaging “NotPetya” cyberattack in 2017 that unleashed a virus that crippled parts of Ukraine’s infrastructure and damaged computers across the globe.
American and British officials said the attacks affected a wide range of organisations including internet service providers, private businesses and critical infrastructure providers. They did not identify any victims or provide details on the impact of the attacks.
“When we see malicious cyber activity, whether it be from the Kremlin or other malicious nation-state actors, we are going to push back,” said Rob Joyce, the White House cybersecurity coordinator.
The Kremlin did not respond to a request for comment late on Monday. Moscow has denied previous accusations that it carried out cyberattacks on the United States and other countries.
US intelligence agencies last year accused Russia of interfering in the 2016 election with a hacking and propaganda campaign supporting Donald Trump.
Last month the Trump administration blamed Russia for a campaign of cyberattacks stretching back at least two years that targeted the US power grid.
Britain and the United States said they issued the alert to help targets protect themselves and persuade victims to share information with government investigators so they can better understand the threat.
“We don’t have full insight into the scope of the compromise,” said Jeanette Manfra, a cybersecurity official for the US Department of Homeland Security.
The alert is unrelated to the suspected chemical weapons attack in a town in Syria that prompted a US-led military strike over the weekend targeting facilities of the Russian-backed Syrian government, Joyce said.
US and British officials warned that infected routers could be used to launch future offensive cyber operations.
“They could be pre-positioning for use in times of tension,” said Ciaran Martin, chief executive of the British government’s National Cyber Security Centre, who added that “millions of machines” were targeted.
Some private-sector cybersecurity experts have criticised the US government for being too slow to release information about cyberattacks. Monday’s announcement appears to reflect a desire to publicise a threat quickly and widely even before officials completely understand its breadth.