US, UK Issue Joint Statement on Malicious Cyber Activity Carried Out by Russia
Ami Rojkes Dombe
| 19/04/2018
facebook.com/Dmitry.Medvedev
The US Department of Homeland Security (DHS), Federal Bureau of Investigation (FBI), and the UK’s National Cyber Security Centre (NCSC) on Monday released a joint Technical Alert about malicious cyber activity carried out by the Russian Government.
The targets of this malicious cyber activity are primarily government and private-sector organizations, critical infrastructure providers, and the internet service providers (ISPs) supporting these sectors.
Specifically, these cyber exploits are directed at network infrastructure devices worldwide such as routers, switches, firewalls, and the Network Intrusion Detection System (NIDS).
Network device vendors, ISPs, public sector organizations, private sector corporations and small-office/home-office customers should read the alert (TA18-106A) and act on the recommended mitigation strategies. The alert contains indicators of compromise, technical details on the tactics, techniques, and procedures (TTPs), and contextual information regarding observed behaviors on the networks of compromised victims.
Russian state-sponsored actors are using compromised routers to conduct spoofing ‘man-in-the-middle’ attacks to support espionage, extract intellectual property, maintain persistent access to victim networks, and potentially lay a foundation for future offensive operations. Multiple sources, including private and public-sector cybersecurity research organizations and allies, have reported this activity to the US and UK governments.
[Source: ncsc.gov.uk]
facebook.com/Dmitry.Medvedev
The US Department of Homeland Security (DHS), Federal Bureau of Investigation (FBI), and the UK’s National Cyber Security Centre (NCSC) on Monday released a joint Technical Alert about malicious cyber activity carried out by the Russian Government.
The targets of this malicious cyber activity are primarily government and private-sector organizations, critical infrastructure providers, and the internet service providers (ISPs) supporting these sectors.
Specifically, these cyber exploits are directed at network infrastructure devices worldwide such as routers, switches, firewalls, and the Network Intrusion Detection System (NIDS).
Network device vendors, ISPs, public sector organizations, private sector corporations and small-office/home-office customers should read the alert (TA18-106A) and act on the recommended mitigation strategies. The alert contains indicators of compromise, technical details on the tactics, techniques, and procedures (TTPs), and contextual information regarding observed behaviors on the networks of compromised victims.
Russian state-sponsored actors are using compromised routers to conduct spoofing ‘man-in-the-middle’ attacks to support espionage, extract intellectual property, maintain persistent access to victim networks, and potentially lay a foundation for future offensive operations. Multiple sources, including private and public-sector cybersecurity research organizations and allies, have reported this activity to the US and UK governments.
[Source: ncsc.gov.uk]
