The United States and Britain issued a rare and ominous alert Monday charging Russia of ramping up cyber attacks on American and British companies, government operations and infrastructure.
Washington and London said the widespread, global campaign began in 2015 and could be escalated to launch offensive attacks.
The warning came from the Department of Homeland Security, the FBI and Britain's National Cyber Security Center, and included advice about what companies can do to protect themselves.
American and British officials said the attacks affected a wide range of organizations including internet service providers, private businesses and critical infrastructure providers. They did not identify any victims or provide details on the impact of the attacks.
Protection advice
“Russian state-sponsored actors are using compromised routers to conduct spoofing ‘man-in-the-middle’ attacks to support espionage, extract intellectual property, maintain persistent access to victim networks and potentially lay a foundation for future offensive operations,” the joint statement warned.
“When we see malicious cyber activity, whether it be from the Kremlin or other malicious nation-state actors, we are going to push back,” said Rob Joyce, the White House cyber security coordinator.
Previously the two nations have spoken only of attacks “originating from Russia,” with lines between Russian criminals and state activity being blurred, but they pinned blame on the Kremlin on this occasion.
British and U.S. officials said they had “high confidence” that the Kremlin was behind the attacks.
Victims asked to share information
Joyce said the alert is unrelated to the joint U.S., British and French airstrike in Syria that was prompted by a suspected chemical weapons attack by the Russian-backed regime of Bashar al-Assad.
The officials said they issued the alert to help targets protect themselves and persuade victims to share information with government investigators so they can better understand the threat.
“We don’t have full insight into the scope of the compromise,” said Jeanette Manfra, a cyber security official for the U.S. Department of Homeland Security.