Russian hackers have been targeting millions of routers around the world, according to a joint statement from the US and the UK.
Russian hackers are targeting millions of routers around the world, including devices in homes and offices, according to US and UK officials.
In a joint announcement Monday from the US Department of Homeland Security, the FBI and the UK’s National Cyber Security Center, officials warned Russian spies have been looking for vulnerabilities on millions of routers as a tool for future attacks.
The targets include routers in both homes and offices, as well as firewalls and switches from internet service providers, critical infrastructure and major private companies, Rob Joyce, the National Security Council’s cybersecurity coordinator said in a conference call.
“We have high confidence Russia has carried out a coordinated campaign to gain access to enterprise, small office, home office routers known as SOHO routers and residential routers, and the switches and connectors worldwide,” Joyce said.
The DHS said it’s seen Russian activity with scans for vulnerabilities on routers over the last two years, but it’s harder to assess how many have been affected.
“The purpose of these attacks could be espionage, it could be theft of intellectual property, it could be prepositioning for use in times of tension,” NCSC Director Ciaran Martin said.
State-sponsored cyberattacks are a national security concern, as hackers look to use vulnerabilities to affect elections, power grids and businesses. The US has taken actions in the last year against alleged hackers from Iran, Russia and North Korea. Attacks on routers highlight an issue where millions of people are responsible for their own security by maintaining updates on their own. The responsibility to protect these devices also falls on companies who make them to issue necessary fixes.
“Once you own the router, you own the traffic,” Jeanette Manfra, DHS’s top cybersecurity official, said on the conference call.
Compromising a router would allow attackers to steal credentials, as well as use it for future attacks, Joyce added.
“It is a tremendous weapon in the hands of an adversary,” the NSC’s cybersecurity coordinator said.
The US and UK are also issuing a technical alert on Monday, warning that people update their internet of things devices and routers, and for companies to build their connected gadgets with better security.
Attacks on routers can have more potential for damage since they’re not maintained with the same level of security as servers or computers are, Manfra said. The DHS and the UK’s NCSC hope to change that with Monday’s technical alert. Part of the alert calls on people to step up their own security, with Manfra pointing out that the DHS can’t “protect every single device.”