Russia-Backed Hackers Accused Of Global Cyberattacks

Lester Mason
April 17, 2018

Australia has joined the United States and UK in publicly blaming the Russian Federation for a "malicious" global cyber-attack last year. Martin said the attacks could be designed for spying, stealing intellectual property or possibly "prepositioning for use in times of heightened tension".

White House cybersecurity coordinator Rob Joyce said the United States and its allies had "high confidence" that the Russian Federation was behind the campaign.

The Russian Federation is preparing to launch cyber attacks against critical British infrastructure in response to United Kingdom air strikes on Syria last Friday.

"These incidents are unacceptable and the Australian government calls on all countries, including Russian Federation, not to take actions that could lead to damage of critical infrastructure that provide services to the public".

The Australian government has confirmed that a series of cyberattacks on Australian organisations, revealed in August last year, were carried out by Russian state-sponsored hackers.

"Commercially available routers were used as a point of entry, demonstrating that every connected device is vulnerable to malicious activity".

The full alert contains indicators of compromise for the attacks, technical details on the tactics, techniques and procedures as well as contextual information regarding observation of the attacks.


"Access to the device may facilitate malicious cyber adversaries gaining access to the information that flows through the device", the agency warned.

Law enforcement and cyber security minister Angus Taylor said a "significant" number of organisations were targeted in the wide-ranging attack reported by the Australian Cyber Security Centre (ACSC).

"Since 2015, the U.S. Government received information from multiple sources, including private and public sector cybersecurity research organizations and allies, that cyber actors are exploiting large numbers of enterprise-class and SOHO/residential routers and switches worldwide", said the technical alert published by the U.S. Department of Homeland Security.

The hackers are using compromised routers to conduct man-in-the-middle attacks to support cyber espionage, steal intellectual property and maintain persistent access in victim networks for use in additional campaigns.

According to the alert, systems that have been affected include Generic Routing Encapsulation (GRE) enabled devices, Cisco Smart Install (SMI) enabled devices, and Simple Network Management Protocol (SNMP) enabled network devices.

But they portrayed this as far more serious because of the potential to undermine infrastructure. Though the governments are not sure how many devices have been compromised by the hackers or what the objective is, the targeting affects millions of devices globally, officials said on a call with reporters Monday morning.
