On Monday, the U.S. and British governments accused the Kremlin of conducting a huge cyberattack on routers and other internet hardware around the world, with the presumed aim being economic and political espionage and possibly sabotage. In a first-ever joint U.S.-British cybersecurity alert, the FBI, U.S. Department of Homeland Security, and Britain's National Cyber Security Centre (NCSC) said the years-long campaign targeted millions of devices, primarily used by "government and private-sector organizations, critical infrastructure providers, and the internet service providers (ISPs) supporting these sectors."
"We have high confidence that Russia has carried out a coordinated campaign to compromise ... routers, residential and business — the things you and I have in our home," said Rob Joyce, the White House cybersecurity coordinator. Jeanette Manfra, the Homeland Security Department's chief cybersecurity official, added that the U.S. and Britain "condemn the actions and hold the Kremlin responsible for the malicious activities." The aim of the attack, which dates back at least to 2015, seems to be to "seize control" of internet infrastructure to intercept traffic moving through the routers of people and organizations, NCSC chief Ciaran Martin said. Australia also blamed the Kremlin on Monday for a cyberattack on hundreds of Australian companies in 2017.
The U.S. has become more aggressive in calling out Russia and other countries publicly for cyber-malfeasance, including a March 15 warning from the U.S. Computer Emergency Response Team (US-CERT) that Russian government "cyber actors" have tried to infiltrate U.S. agencies and companies that deal with power, water, aviation, and other critical sectors. But it isn't clear why the U.S. and Britain are issuing this new alert now, U.S. cybersecurity researcher Jake Williams tells The Associated Press. "Calling the Russians out on this hardly makes much sense unless there's some other agenda (most likely political)."