UK and US intelligence agencies accuse Russia of having carried out a series of cyber attacks against Western cyber infrastructure.

The Kremlin has carried out a large scale attack on the worldwide cyber infrastructure, according to US and British intelligence services.

In a statement released Monday titled, “Joint US-UK statement on malicious cyber activity carried out by Russian government,” representatives from the UK’s National Cyber Security Centre (NCSC), the FBI and the US Department of Homeland Security (DHS), alleged that since 2015, “cyber actors supported by the Russian government” have been exploiting network infrastructure devices such as routers, switches, firewalls, and Network Intrusion Detection System (NIDS) worldwide.

According to the statement, the targets are primarily government and private-sector organisations, critical infrastructure providers, and the internet service providers (ISPs) supporting these sectors.

“Russian state-sponsored actors are using compromised routers to conduct spoofing ‘man-in-the-middle’ attacks to support espionage, extract intellectual property, maintain persistent access to victim networks and potentially lay a foundation for future offensive operations,” states the release. “Multiple sources including private and public-sector cybersecurity research organizations and allies have reported this activity to the US and UK governments.”

The NCSC, FBI and DHS also released a “joint Technical Alert.” The 20 page document includes details of the systems affected.

British and American security services warn that Russian state-sponsored blackhat hackers have utilized security vulnerabilities in routers across the world, chiefly those from CISCO Systems, which provide the majority of mission critical network infrastructure devices for the US government. By captialising on these security vulnerabilities, the concern is that Russian hackers have gained access, perhaps even control, of sensitive government and private agencies and businesses systems.

The Russian operation has, by US Intelligence services, been given the name GRiZZLY STEP. While the primary target for the attacks has been US and UK government networks, according to the report the attacks have also struck vulnerable systems globally.

White House cybersecurity coordinator, Rob Joyce, stated that if necessary the US is ready to “fight back and fight back hard” against such attacks. Mr. Joyce stated that further sanctions, prosecution and even counter-attacks could all be part of the response.

Mr. Joyce’s suggested repertoire of responses echo that which has been previously deployed, with success, against the Islamic State. Such capabilities were used by both the US intelligence community as well as the British intelligence community to degrade the Islamic State’s ability to disseminate propaganda from its Syrian headquarters in al Raqqa.

Russian President Vladimir Putin’s spokesman, Dmitry Peskov, responded to the allegations by stating that they were “baseless.” “As before, no one — neither our colleagues in the U.S. or in Britain — has bothered to provide at least some kind of argumentation, even of the weakest kind. From our point of view, these unsubstantiated accusations are utterly devalued,” he added.

https://twitter.com/RussianEmbassy/status/986187221597335552

Russia’s UK Embassy issued a statement as well:

“We are disappointed by the fact that such serious claims have been made publicly, without any proof being presented and without any attempt by the United Kingdom to clarify the situation with the Russian side in the first place. It would be useful to point out that Russia has made several proposals to the United Kingdom on different levels to establish bilateral mechanisms of cooperation in the sphere of information security … Unfortunately, all our proposals have been ignored by the British side.”

Admittedly, the joint Western intelligence statement is rich in rhetoric but lacklusterly poor in actual factual evidence. What evidence US and UK intelligence sources are relying on is not clear from the joint statement or joint Technical Alert. Many security and geosecurity analysts, however, believe it is not unlikely that Russia was indeed behind the attacks.

“Russia has built up a high capacity in IT and cyber domain. It has been one of the goals of the Russian defense policy over the last ten years. From that perspective, it is not impossible that Russia may well be responsible for these attacks, although it is difficult to judge each individual case, ” said Martin Kragh, head of the Russia and Eurasia Programme at the Swedish Institute of International Affairs, and associate professor at the Institute for Russian and Eurasian Studies at Uppsala University.

With chilly tensions between East and West at Cold War levels, along with contentions over Syria and Africa, not to mention spy scandals, the fear is that this may just be the beginning of a major offensive amidst an aggressive geopolitical gambit by Russia.

John Sjoholm, LIMA CHARLIE NEWS, with Anthony A. LoPresti

For up-to-date news, please follow us on twitter at @LimaCharlieNews

In case you missed it: