US, UK accuse Russia of actively targeting internet routers, devices

The rare joint alert says Russia, behind the global NotPetya attack, has been laying the groundwork for future cyberattacks and targeting critical infrastructure.
By Jessica Davis
12:59 PM
Share
Russia targeting internet routers, devices

Russian hackers are actively targeting devices that control the flow of internet traffic to gain access and spy on Western governments and businesses, according to a rare joint alert from the U.S. and U.K. released Monday.

Delivered by the Department of Homeland Security, FBI and U.K. National Cybersecurity Centre, the warning outlines Russian state-sponsored cyberattacks penetrating software programs and devices, including firewalls and internet routers, on a global scale.

The goal, according to officials, is to steal company secrets and spy on these countries. The hackers also are attempting to lay the foundation for future cyberattacks, the agencies said.

[Also: NIH, experts warn healthcare pros to stay vigilant to thwart hackers]

"The current state of U.S. network devices – coupled with a Russian government campaign to exploit these devices – threatens the safety, security and economic well-being of the United States," agency officials wrote.

Both the U.S. and U.K found Russia was responsible for the global NotPetya attack in May 2017. Hackers targeted and crippled Ukraine’s infrastructure, but a long list of other businesses were caught up in the destructive attack, including the U.K. National Health Service and several U.S. healthcare providers.

[Also: Sidelined HHS Deputy CISO blasts agency, claims security center 'decimated']

Healthcare organizations need to be aware of the increase of these Russian attacks. While the healthcare sector may not be an initial target, malware can proliferate quickly outside of its intended victim – as seen with NotPetya and also the global WannaCry attack this past June.

The alert comes at a critical time, with the recent departures of two top government cybersecurity officials. The White House announced on Tuesday that its Cybersecurity Coordinator Rob Joyce will leave his post to return to work at the National Security Agency.

[Also: CMS Deputy CIO Janet Vogel to replace outgoing HHS CISO Wlaschin]

The move comes just one week after Joyce’s boss, former White House Homeland Security Adviser Thomas Bossert, was reportedly forced out by new National Security Advisor John Bolton. Joyce had been filling Bossert's role in an active capacity since that announcement. 

Their departures leave major holes in the Trump administration’s cybersecurity leadership.

Twitter: @JessieFDavis
Email the writer: jessica.davis@himssmedia.com