The cyberwar between the west and Russia has escalated after the UK and the US issued a joint alert accusing Moscow of mounting a “malicious” internet offensive that appeared to be aimed at espionage, stealing intellectual property and laying the foundation for an attack on infrastructure.
Senior security officials in the US and UK held a rare joint conference call to directly blame the Kremlin for targeting government institutions, private sector organisations and infrastructure, and internet providers supporting these sectors.
Rob Joyce, the White House cybersecurity coordinator, set out a range of actions the US could take such as fresh sanctions and indictments as well as retaliating with its own cyber-offensive capabilities. “We are pushing back and we are pushing back hard,” he said.
Joyce stressed the offensive could not be linked to Friday’s raid on Syria. It was not retaliation for the US, UK and French attack as the US and UK had been investigating the cyber-offensive for months. Nor, he said, should the decision to make public the cyber-attack be seen as a response to events in Syria.
Joyce was joined in the call by representatives from the FBI, the US Department of Homeland Security and the UK’s National Cyber Security Centre (NCSC), which is part of the surveillance agency GCHQ.
The US and UK, in a joint statement, said the cyber-attack was aimed not just at the UK and US but globally. “Specifically, these cyber-exploits were directed at network infrastructure devices worldwide such as routers, switches, firewalls, network intrusion detection system,” it said.
“Russian state-sponsored actors are using compromised routers to conduct spoofing ‘man-in-the-middle’ attacks to support espionage, extract intellectual property, maintain persistent access to victim networks and potentially lay a foundation for future offensive operations.