State-sponsored Russian hackers are actively seeking to hijack essential internet hardware, US and UK intelligence agencies say.
The UK’s National Cyber Security Centre (NCSC), the FBI and the US Department of Homeland Security issued a joint alert warning of a global campaign.
The alert details methods used to take over essential network hardware.
The attacks could be an attempt by Russia to gain a foothold for use in a future offensive, it said.
“Russia is our most capable hostile adversary in cyber-space, so dealing with their attacks is a major priority for the National Cyber Security Centre and our US allies,” said Ciaran Martin, head of the NCSC in a statement.
The alert said attacks were aimed at routers and switches that directed traffic around the net.
Compromised devices were used to look at data passing through them, so Russia could scoop up valuable intellectual property, business information and other intelligence.
In addition, the attackers sought to undermine the firewalls and intrusion detection systems organisations used to spot malicious traffic before it reached users.
“Many of the techniques used by Russia exploit basic weaknesses in network systems,” said Mr Martin.
The principal targets of the global campaign were internet service providers, firms running critical infrastructure, government departments and large companies, the alert said.
And it contains detailed information about attack methods, the tell-tale signs left when hardware is compromised and how a network changes when it has been breached.
Mr Martin said GCHQ, NCSC’s parent organisation, had tracked the threat posed by Russian cyber-gangs for more than 20 years. Further intelligence about the attacks had been added by “multiple” cyber-security organisations and companies, he added.
The UK was working with America, its other allies and the technology industry to “expose Russia’s unacceptable cyber-behaviour, so they are held accountable for their actions”, said Mr Martin.