The United States and Britain on Monday accused Russia of launching cyber attacks on computer routers, firewalls and other networking equipment used by government agencies, businesses and critical infrastructure operators around the globe.
Washington and London issued a joint alert saying the campaign by Russian government-backed hackers was intended to advance spying, intellectual property theft and other “malicious” activities and could be escalated to launch offensive attacks.
It followed a series of warnings by Western governments that Moscow is behind a string of cyber attacks. The United States, Britain and other nations in February accused Russia of releasing the “NotPetya” virus, which in 2017 crippled parts of Ukraine’s infrastructure and damaged computers across the globe, costing companies billions of dollars.
The Kremlin did not immediately respond to a request for comment. But Russia’s embassy in London issued a statement citing British accusations of cyber threats from Moscow as “striking examples of a reckless, provocative and unfounded policy against Russia.”
U.S. intelligence agencies last year accused Russia of interfering in the 2016 election with a hacking and propaganda campaign supporting Donald Trump’s campaign for president. Last month the Trump administration blamed Russia for a campaign of cyber attacks that targeted the U.S. power grid.
American and British officials said that the attacks disclosed on Monday affected a wide range of organizations including internet service providers, private businesses and critical infrastructure providers. They did not identify victims or provide details on the impact of the attacks.
“When we see malicious cyber activity, whether it be from the Kremlin or other malicious nation-state actors, we are going to push back,” said Rob Joyce, the White House cyber security coordinator.
Relations between Russia and Britain were already on edge after Prime Minister Theresa May blamed Moscow for the March 4 nerve agent poisoning of former Russian spy Sergei Skripal and his daughter Yulia in the city of Salisbury.
“This is yet another example of Russia’s disregard for international norms and global order - this time through a campaign of cyber espionage and aggression, which attempts to disrupt governments and destabilize business,” a British government spokesman said in London.
Britain and the United States said they issued the new alert to help targets protect themselves and persuade victims to share information with government investigators so they can better understand the threat.
“We don’t have full insight into the scope of the compromise,” said U.S. Department of Homeland Security cyber security official Jeanette Manfra.
The alert is not related to the suspected chemical weapons attack in a town in Syria that prompted a U.S.-led military strike over the weekend targeting facilities of the Russian-backed Syrian government, Joyce said.
Shortly after the announcement, the White House said Joyce would leave his post and return to the U.S. National Security Agency.
A man poses inside a server room at an IT company in this June 19, 2017 illustration photo. REUTERS/Athit Perawongmetha/Illustration
U.S. and British officials warned that infected routers could be used to launch future offensive cyber operations.
“They could be pre-positioning for use in times of tension,” said Ciaran Martin, chief executive of the British government’s National Cyber Security Centre cyber defense agency, who added that “millions of machines” were targeted.