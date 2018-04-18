AP

Washington and London on Monday jointly accused the Russian government of maliciously targeting global Internet equipment for political and economic espionage.

The two governments said the Russian operations, which allegedly involve planting malware on Internet routers and other equipment, could also lay the foundation for offensive cyberattacks.

A joint statement by the US Department of Homeland Security, the FBI and the British National Cyber Security Centre said the main targets include “government and private-sector organizations,” as well as providers of “critical infrastructure” and Internet service providers.

“Victims were identified through a coordinated series of actions between US and international partners,” according to a companion technical alert issued by the US Computer Emergency Response Team (US-CERT).

Both nations have “high confidence” in the finding of Russian-sponsored cybermeddling, which the alert said has been reported by multiple sources since 2015.

Australia also admonished Russia and accused Kremlin-backed hackers of cyberattacks on hundreds of Australian companies last year.

The Kremlin yesterday dismissed the accusations as “groundless.”

“We don’t know what these new accusations are based on,” said Russian President Vladimir Putin’s spokesman, Dmitry Peskov. “As before, neither our American nor our British colleagues have bothered to search for arguments, even weak ones.”

Peskov added that the claims were “groundless” and “unjustified.”

US cybersecurity researcher Jake Williams said it was difficult for him to understand the motivation for Monday’s alert, given that “the activity has been ongoing for some time.”

“Calling the Russians out on this hardly makes much sense unless there’s some other agenda [most likely political],” Rendition Infosec president Williams added via text message.

US-CERT said the compromised routers can be exploited for “man-in-the-middle” spoofing attacks, in which communications are intercepted by a seemingly trusted device that has actually been infiltrated by an attacker.

“The current state of US network devices — coupled with a Russian government campaign to exploit these devices — threatens the safety, security and economic well-being of the United States,” the alert said.

US-CERT urged affected companies, public sector organizations and even people who use routers in home offices to take action to harden poorly-secured devices, but its alert cited only one specific product: Cisco’s Smart Install software.

Australian Minister for Defense Marise Payne told reporters that about 400 Australian firms were targeted in the Russian attacks, but there was no “exploitation of significance.”

“This attempt by Russia is a sharp reminder that Australian businesses and individuals are constantly targeted by malicious state and non-state actors,” Australian Minister for Law Enforcement and Cybersecurity Angus Taylor said.

On March 15, US-CERT issued a similar alert saying the FBI and US Department of Homeland Security had determined that Russian government “cyberactors” had sought to infiltrate US agencies, as well as “organizations in the energy, nuclear, commercial facilities, water, aviation and critical manufacturing sectors.”

Experts have said that the bulletin did not mean Russia had obtained access to systems that control critical infrastructure, but Russia does have history in this regard, as many security experts blame it for several cybersabotage attacks on Ukraine’s power grid.