» ISP News » 

UK and USA Warn Russia Wants to Hack Your Broadband ISP Router

Tuesday, April 17th, 2018 (8:47 am) - Score 5,797

Another day, another security scare. A joint statement by the FBI, DHS and UK NCSC has warned that the Russian Government are now actively conducting “malicious cyber activity” with the aim of compromising network infrastructure devices such as switches, firewalls and even home broadband routers etc.

The “Technical Alert” – TA18-106A – includes further details and notes that the targets of this malicious cyber activity are “primarily government and private-sector organisations, critical infrastructure providers, and the Internet Service Providers (ISPs) supporting these sectors“.

The alert warns that network device vendors, ISPs, public sector organisations, private sector corporations and small-office/home-office (SOHO) customers are the main targets. Apparently Russian “state-sponsored actors” (no.. not bad movie actors) are using compromised routers to conduct “spoofing ‘man-in-the-middle’ attacks to support espionage, extract intellectual property, maintain persistent access to victim networks, and potentially lay a foundation for future offensive operations.”

The notice goes on to state that this activity has been reported to the U.S. and UK governments by “multiple sources“, including private and public-sector cyber security research organisations and allies.

Ciaran Martin, CEO of the UK National Cyber Security Centre, said:

“Russia is our most capable hostile adversary in cyberspace so tackling them is a major priority for the National Cyber Security Centre and our U.S. allies. This is the first time that in attributing a cyber attack to Russia the U.S. and the UK have, at the same time, issued joint advice to industry about how to manage the risks from the attack. It marks an important step in our fight back against state-sponsored aggression in cyberspace.

For over twenty years, GCHQ has been tracking the key Russian cyber attack groups and today’s joint UK-U.S. alert shows that the threat has not gone away. The UK government will continue to work with the U.S., other international allies and industry partners to expose Russia’s unacceptable cyber behaviour, so they are held accountable for their actions.

Many of the techniques used by Russia exploit basic weaknesses in network systems. The NCSC is leading the way globally to automate defences at scale to take away some of those basic attacks, thereby allowing us to focus on the most potent threats.”

In the language of Fear Uncertainty and Doubt (FUD) we should probably put this into some practical context because, as any experienced IT bod already knows, your computer and networking hardware will come under frequent attack from almost the moment you go online. Often this occurs without you even knowing about it, unless you closely monitor your network traffic.

Most of the time its automated botnets that are scanning global IP address ranges for known vulnerabilities to exploit and on other occasions you’ll simply be passing by an infected web page, clicking a bad email link or installing a dodgy app. As a general rule all of our connected devices are at a constant risk and this is the reason why we all (hopefully) have firewalls, anti-virus, encryption and should be keeping our systems up-to-date with security patches.

Put another way, individual residential home broadband ISP or mobile internet users are arguably at much greater risk from your common run-of-the-mill hacker types or virus infections. The Russian government is probably the least of your concerns and as always, regardless of who is trying to screw up your online day, the best protection is always a strong defence and up-to-date software/hardware.

Share with Twitter
Share with Linkedin
Share with Facebook
Share with Reddit
Share with Pinterest
By Mark Jackson
Mark is a professional technology writer, IT consultant and computer engineer from Dorset (England), he also founded ISPreview in 1999 and enjoys analysing the latest telecoms and broadband developments. Find me on Twitter, , Facebook and Linkedin.
Leave a Comment
17 Responses
  1. Sometimes but not always says:

    If at least they can help to have the proper bandwidth; I pay for “up to” 76 and the top here is a bit more of 50.

  2. Negan's Love Child says:

    Be afraid folks, be afraid….of MI5/GCHQ 🙂

    1. AnotherBot says:

      Nice try Russian bot…

  3. Mike says:

    I wondered how long it would be until they came out with this verbal diarrhoea

  4. James Johnson says:

    And the propaganda machine rolls on.
    Russia this, Russia that… let’s attack Assad on the suspected use of chemical weapons (despite the tactical motive for him to do so… he had all but won the area)… or was it let’s poke Russia via Assad.
    It truely seems that they are building opinion for a war with Russia.
    Personally… my firewalls and web services see the majority of hacking attempts from China… not Russia.

    1. Negan's Love Child says:

      Careful now…you’ll be accused of being a Russian bot lol

    2. DeejayVu says:

      I must agree, most hacking attempts on my server come from China

    3. Joe says:

      “let’s attack Assad on the suspected use of chemical weapons (despite the tactical motive for him to do so… he had all but won the area)”

      (sighs) Thats how he has repeatedly used CWs. You pound the enemy until you can pound no more then use CW to penetrate the bunkers/positions you can’t breach: (CWs (chemical dependant) sink.) The defenders surrendered immediately after the CW attack.

    4. Mike says:

      Chemical weapons???? You mean like various forms of gas our law enforcement and military use, at times on our own people?

    5. Bob Travers says:

      Russian Bot automated message…. Ah, but don’t be fooled by the IP info your Routers/Servers are harvesting on suspect attacks. The Russians are using China based Servers via VPN’s, Tor and Public Proxies to fool you into thinking they are connecting from China…. Have a nice day 🙂

    6. James Johnson says:

      There’s methods to detect if an attack is being proxied… most basic being latency difference between you and their proxy vs them and you.
      This is my profession. I’m not an amateur.
      Have a nice day also.

    7. Whistle Star says:

      I find this really interesting. Could I tell this from my ISP provided Router or would I need a business device to check the basic latency to confirm if I am being attacked from China or Russia?

  5. Jigsy says:

    Considering how slow my connection is, I’d be impressed if they could access it.

  6. J.D says:

    Funny, 3 days ago someone used my eBay account to buy various goods and shipped them to Russia…gladly eBay is great with customer service and my money was refunded.

    1. Andy says:

      it wasnt chemical weapons was it?

  7. Oggy says:

    If Putin wants to know I have the occasional look at Pornhub then good luck to him.

    That’s the most interesting thing that happens on my connection, apart from occasionally posting on here of course.

    In the UK we’ve always got to try and paint someone as the bad guy, as the infiltrator trying to drag us down. We’ve been doing it for decades. I’m surprised more people haven’t seen the real threat to the UK people and that is the UK government.

  8. David says:

    All very interesting:
    “Many of the techniques used by Russia exploit basic weaknesses in network systems”

    Now what does this mean? PGP back in the 90’s when exported outside the USA/Canada with back-doors, Cisco equipment with “government only” back-doors among other company’s

    Lets not forget the NSA that lost it’s “SMB” zero day exploit and someone added ransomware to it taking down the NHS and other systems everywhere

    Just to end with lets not forget the “Home Office” and the “FBI” wanting a “government only” decryption key for everything that will to totally safe, yeah right!

    Yes Russia and others are using Cyber attacks, that’s not new but when they give statements lets not forget there are some normal vulnerability and always will be, but what about the “added extras” you also have and last the amount of “sensitive” data company’s like talk-talk hold on people and then loose it or Facebook………where is the actual risk from, I get lost as the UK and US governments are collecting everything anyway, wheres that going?

    Oh I almost forgot how about the CPU bugs and talking about bugs, cellphone anyone?

    Have a nice day

Comments are closed.

Comments RSS Feed

Javascript must be enabled to post (most browsers do this automatically)

Privacy Notice: Please note that news comments are anonymous, which means that we do NOT require you to enter any real personal details to post a message. By clicking to submit a post you agree to storing your comment content, display name, IP, email and / or website details in our database, for as long as the post remains live.

Only the submitted name and comment will be displayed in public, while the rest will be kept private (we will never share this outside of ISPreview, regardless of whether the data is real or fake). This comment system uses submitted IP, email and website address data to spot abuse and spammers. All data is transferred via an encrypted (https secure) session.

NOTE 1: Sometimes your comment might not appear immediately due to site cache (this is cleared every few hours) or it may be caught by automated moderation / anti-spam.

NOTE 2: Comments that break our rules, spam, troll or post via known fake IP/proxy servers may be blocked or removed.
Cheapest Superfast ISPs
  • Hyperoptic £20.00 (*25.00)
    Speed 50Mbps, Unlimited
    Gift: None
  • Plusnet £21.95 (*38.20)
    Speed 36Mbps, Unlimited
    Gift: £50 Reward Card
  • Vodafone £22.00 (*25.00)
    Speed 35Mbps, Unlimited
    Gift: None
  • NOW £23.00 (*32.00)
    Speed 36Mbps, Unlimited
    Gift: None
  • TalkTalk £23.00 (*29.95)
    Speed 38Mbps, Unlimited
    Gift: None
Large Availability | View All
New Forum Topics
Cheapest Ultrafast ISPs
  • Community Fibre £25.00 (*29.50)
    Speed: 150Mbps, Unlimited
    Gift: First Month Free
  • Hyperoptic £25.00 (*35.00)
    Speed: 150Mbps, Unlimited
    Gift: None
  • Gigaclear £26.00 (*54.00)
    Speed: 400Mbps, Unlimited
    Gift: None
  • Virgin Media £26.00 (*52.00)
    Speed: 108Mbps, Unlimited
    Gift: None
  • Vodafone £26.00 (*29.00)
    Speed: 100Mbps, Unlimited
    Gift: None
Large Availability | View All
The Top 20 Category Tags
  1. FTTP (3398)
  2. BT (2983)
  3. Politics (1891)
  4. Building Digital UK (1889)
  5. FTTC (1872)
  6. Openreach (1796)
  7. Business (1641)
  8. Mobile Broadband (1442)
  9. Statistics (1388)
  10. FTTH (1363)
  11. 4G (1248)
  12. Fibre Optic (1150)
  13. Virgin Media (1138)
  14. Wireless Internet (1135)
  15. Ofcom Regulation (1126)
  16. Vodafone (821)
  17. EE (815)
  18. TalkTalk (749)
  19. 5G (734)
  20. Sky Broadband (730)
Helpful ISP Guides and Tips

Copyright © 1999 to Present - ISPreview.co.uk - All Rights Reserved - Terms , Privacy and Cookie Policy , Links , Website Rules , Contact