Adam Bannister is a contributor to IFSEC Global, having been in the role of Editor from 2014 through to November 2019. Adam also had stints as a journalist at cybersecurity publication, The Daily Swig, and as Managing Editor at Dynamis Online Media Group.
April 17, 2018

Virtual cold war

UK and US braced for critical infrastructure attacks after “sustained” Russian cyber offensive

The UK and US fear that Russia is laying the groundwork for cyber-assaults on critical infrastructure after Moscow was accused of mounting a “sustained” attack on Western targets.

In a joint conference call senior security officials from both countries blamed the Kremlin for targeting government bodies, private organisations and internet providers.

“Specifically, these cyber-exploits were directed at network infrastructure devices worldwide such as routers, switches, firewalls and network intrusion detection systems,” said the statement.

“Russian state-sponsored actors are using compromised routers to conduct spoofing ‘man-in-the-middle’ attacks to support espionage, extract intellectual property, maintain persistent access to victim networks and potentially lay a foundation for future offensive operations.

“The current state of US and UK network devices, coupled with a Russian government campaign to exploit these devices, threatens our respective safety, security, and economic wellbeing.”

Representatives from the FBI, the US Department of Homeland Security and the UK’s National Cyber Security Centre (NCSC) took part in the conference call.

The cyber campaign has reportedly targeted millions of machines although the extent of disruption caused is not yet clear.

Primary target

Internet routers, which are reportedly a primary target of the attacks, can be compromised through ‘man-in-the-middle’ attacks in which communications are intercepted by an ostensibly trusted device that has been infiltrated by an attacker.

The White House has warned Moscow that it could respond with fresh sanctions and indictments.

The UK and US might even retaliate in kind. In his first public speech as the head of GCHQ, Jeremy Fleming revealed last week how the UK mounted its own cyber-offensive on Islamic State to disrupt the organisation’s ability to spread propaganda – the first time the UK has publicly admitted to launching cyber-attacks.

The US and UK have, in an unprecedented move, issued joint advice to all sectors that may have been compromised on how to spot evidence of a breach and reduce the impact.

Rob Joyce, the White House cybersecurity coordinator, insisted the latest attacks emanating from Russia were unrelated to the US and UK missile attacks on Syria. He said security experts had anticipated a cyber-offensive – which the US has dubbed ‘GRIZZLY STEPPE’ – for months.

Relations between Moscow and the West have become increasingly strained, with the Kremlin accused of interfering in democratic elections in the US and Europe, Russia backing Bashar al-Assad in the Syrian conflict and the Kremlin implicated in the nerve agent attack in Salisbury. Russia was also blamed for a wave of cyber-attacks that caused global disruption last year, including to the NHS, as well as a breach of the US energy grid.

Many commentators have suggested that the Cold War has effectively been rebooted for the digital age.

If the first Cold War was characterised by fear of nuclear war (although those anxieties persist), its successor is apparently being waged in the virtual theatre of computer networks.

However, the proxy war being waged in Syria very much echoes how the US and Soviet Union backed different sides during the Soviet-Afghan War that lasted from 1979 to 1989.

North Korea

Despite the huge scale of cyber-attacks emanating from Russia, the co-founder of a top cybersecurity company has claimed that North Korea actually poses a bigger cybersecurity threat.

Speaking to the Guardian, CrowdStrike’s Dmitri Alperovitch said: “I worry a great deal that they may do a destructive attack, perhaps against our financial sector, in an attempt to deter a potential US strike against either their nuclear facilities or even the regime itself.

“Regardless of whether a military strike is actually on the cards or not, what matters is whether they think one might happen. And given all the rhetoric over the last year or so, it wouldn’t be irrational for them to assume that.”
