Hey look, another day, another warning that the Russians are hacking everyone. The U.S. Department of Homeland Security (DHS), the UK’s National Cyber Security Centre, the FBI, and the White House jointly announced that Russian hackers are laying the groundwork for future cyber attacks and spying on Western governments.
The attackers are described as “Russian, state-sponsored cyber actors” who are going after routers, switches, firewalls, and Network-based Intrusion Detection System (NIDS) devices.
DHS Technical Alert
According to the DHS’s Technical Alert (TA), “Targets are primarily government and private-sector organizations, critical infrastructure providers, and the Internet service providers (ISPs) supporting these sectors.”
The TA also said that the, “FBI has high confidence that Russian state-sponsored cyber actors are using compromised routers to conduct man-in-the-middle attacks to support espionage, extract intellectual property, maintain persistent access to victim networks, and potentially lay a foundation for future offensive operations.”
The Times of London said that the UK’s National Cyber Security Centre said that the attacks have given President Vadimir Putin a “tremendous weapon.”
So if you’re responsible for telecommunications infrastructure equipment, do your jobs, please, and harden these devices! The Russians are coming.
3 thoughts on “PSA: The Russians Are Hacking Everything, Laying the Groundwork for Future Attacks”
Many thanks for this PSA, although I fear you may be doing little more than shouting into the wind. On a desert island. In the middle of the Pacific.
Russia (and China) have taken geopolitics to a whole new level, not least of which involves state-level investment in cyber warfare. And make no mistake, it is warfare that is being waged. And like all warfare, it is not about mere hijinks to stir up mischief and cause inconvenience. This about domination. At the very least for Russia, it’s about creating a world in which the USA and her allies no longer dominate the terms of global engagement nor threaten Russian regional aspirations. These are not happy thoughts for Russia’s neighbours.
For China, it’s about domination first of the Pacific, then the low and middle income countries, after which the rest of the planet will concede to their terms (pretty much laid out in their propaganda which you can pick up for pennies in many LMICs).
Sadly, the one country that could rain on both parades and maintain a safe harbour for democracies everywhere has succumbed to a strange form of Washington sleeping sickness, in which it cannot wake from the torpor of 2016, leaving allies to largely fend for themselves; the EU having effectively said as much. And those few not asleep appear to be swaddled firmly in soporific denial that the Russians in particular have had any impact not only on US elections, but US thought, attitudes or actions; that somehow the US is politically and culturally immune to such outside influence. This may yet prove a lethal dose of arrogance, at least insofar as values and political norms are concerned.
I think we can expect that the lessons learnt in 2016 will be leveraged by Russia into a far more sophisticated and influential attack in 2018 and 2020. And why not? Thus far, the benefits have far exceeded the costs, with no evidence that this balance will change anytime soon.
In the short term, this is the stuff of alternate universe dystopia.
I still don’t understand how the FBI, MI5 etc doesn’t get this scenario – a hostile power quietly works away to compromise millions of devices and accounts, and then one day, when a critical mass has been achieved – BANG! The financial system crashes, all the money has gone, we start tearing each other apart just to get food and energy. I mean, c’mon – look how people were ready to kill in France just to get their hands on discounted Nutella!
Meanwhile I was called in the other day to update a company’s website – to access the site I was directed to the passwords spreadsheet on Google docs. Yes, that’s right. Passwords spreadsheet.
Russia has already done test operations against the Republic of Georgia, Ukraine and the Baltic States. They are experienced with this sort of thing. When they pull the trigger I expect all sorts of things will roll mover and die.
Sadly, most people, even most business owners are oblivious to system and network security. . I was at a Doctor’s office a couple of weeks ago. The receptionist and another staff person were having a loud conversation because one of them was having trouble logging into the offic’s email account. Listening in on the conversation I got the e-mail address, and the password. I also discovered that they use for their passwords. I also realized because the year was 2014, when they moved to this office, they never change their passwords. This is likely true with all of their other systems. If I were Black Hat I feel confident I could hack their WAP and network switch in a few minutes. (I’d bet the password is either Administrator, or the brand name). After that it would be simple to bridge from their systems to the provincial medical records system. And these people are managing health records. Unfortunately I suspect there isn’t much more understanding for traffic control systems, commercial retail systems, smaller banking systems, and on and on.
Don’t be surprised when push comes to shove that bloody most of the West weill revert to 1983 technology.