Today, we reported that UK Prime Minister Theresa May has been briefed on a possible incoming Russian-based cyberattack that could heavily compromise the country and release compromising information about the country’s lawmakers. It appears as though the threat has expanded just from gaining leverage on politicians. The FBI, DHS and UK cyber intelligence agency NCSC have jointly accused Russian-based attackers of having engaged in trying to compromise routers, switches and firewalls around the world to hijack the Internet’s infrastructure.
This is incredibly dangerous for several reasons. First, this type of effort has targeted millions of machines to spy on ISP customers, organizations and government agencies. Second, this type of attack strategy lets Russia peer at the data that’s passing through compromised devices, whether it’s personal of business related. Third, this allows attackers to cripple firewalls and intrusion detection systems that organizations use to glam malicious traffic, according to the BBC. The alert also theorized that this type of compromise to hardware might even be used as a foundation for future attacks.
The joint statement said that the main targets have been government departments, big companies, firms running ‘critical infrastructure,’ and ISPs. Lastly, the alert outlined what erratic hardware behavior should indicate if a device has been already compromised. The joint report didn’t identity any companies that have been affected, or the number of devices that have already been hacked.