US and UK team up to fight Russian IP theft
The US and the UK have joined forces in an effort to fight “worldwide cyber exploitation of network infrastructure devices” from Russian-sponsored hackers.
The technical alert (TA) is a joint initiative from the US’s Department of Homeland Security, the FBI and the UK’s National Cyber Security Centre.
According to Homeland Security’s Computer Awareness Readiness Team—whose mission is to reduce cyber security challenges—the main targets of Russia’s cyber exploitation are government and private-sector organisations, critical infrastructure providers, and the internet service providers that support these sectors.
The FBI said it is confident that Russian state-sponsored “cyber actors” use compromised routers to conduct “man-in-the-middle” attacks on these organisations. The attacks are allegedly designed to support Russian espionage, extract IP information, maintain access to the victims’ networks and allow the hackers to potentially carry out future operations.
“Cyber actors” have been exploiting a large number of international routers since 2015, after the US government received information from multiple resources, said the press release.
“The US government assesses that cyber actors supported by the Russian government carried out this worldwide campaign,” it said.
“These operations enable espionage and IP that supports the Russian Federation’s national security and economic goals.”
Those committing the cyber theft do not need to install malware to exploit the devices. Rather, they take advantage of devices that are insufficiently hardened before installation and those that are not supported with security patches by manufacturers. This allows for “intermittent and persistent” access to IP and information that supports the health and safety of the US population, the release said.
The TA outlined a number of mitigation strategies to avoid falling foul of cyber theft.
For example, it advised that organisations should not use unencrypted management tools. Where an encrypted protocol is not possible, management activities from outside the organisation should be implemented through an encrypted virtual private network.