Home
 » ISP News » 
Sponsored Links

UK and USA Warn Russia Wants to Hack Your Broadband ISP Router

Tuesday, Apr 17th, 2018 (8:47 am) - Score 5,821

Another day, another security scare. A joint statement by the FBI, DHS and UK NCSC has warned that the Russian Government are now actively conducting “malicious cyber activity” with the aim of compromising network infrastructure devices such as switches, firewalls and even home broadband routers etc.

The “Technical Alert” – TA18-106A – includes further details and notes that the targets of this malicious cyber activity are “primarily government and private-sector organisations, critical infrastructure providers, and the Internet Service Providers (ISPs) supporting these sectors“.

The alert warns that network device vendors, ISPs, public sector organisations, private sector corporations and small-office/home-office (SOHO) customers are the main targets. Apparently Russian “state-sponsored actors” (no.. not bad movie actors) are using compromised routers to conduct “spoofing ‘man-in-the-middle’ attacks to support espionage, extract intellectual property, maintain persistent access to victim networks, and potentially lay a foundation for future offensive operations.”

The notice goes on to state that this activity has been reported to the U.S. and UK governments by “multiple sources“, including private and public-sector cyber security research organisations and allies.

Ciaran Martin, CEO of the UK National Cyber Security Centre, said:

“Russia is our most capable hostile adversary in cyberspace so tackling them is a major priority for the National Cyber Security Centre and our U.S. allies. This is the first time that in attributing a cyber attack to Russia the U.S. and the UK have, at the same time, issued joint advice to industry about how to manage the risks from the attack. It marks an important step in our fight back against state-sponsored aggression in cyberspace.

For over twenty years, GCHQ has been tracking the key Russian cyber attack groups and today’s joint UK-U.S. alert shows that the threat has not gone away. The UK government will continue to work with the U.S., other international allies and industry partners to expose Russia’s unacceptable cyber behaviour, so they are held accountable for their actions.

Many of the techniques used by Russia exploit basic weaknesses in network systems. The NCSC is leading the way globally to automate defences at scale to take away some of those basic attacks, thereby allowing us to focus on the most potent threats.”

In the language of Fear Uncertainty and Doubt (FUD) we should probably put this into some practical context because, as any experienced IT bod already knows, your computer and networking hardware will come under frequent attack from almost the moment you go online. Often this occurs without you even knowing about it, unless you closely monitor your network traffic.

Most of the time its automated botnets that are scanning global IP address ranges for known vulnerabilities to exploit and on other occasions you’ll simply be passing by an infected web page, clicking a bad email link or installing a dodgy app. As a general rule all of our connected devices are at a constant risk and this is the reason why we all (hopefully) have firewalls, anti-virus, encryption and should be keeping our systems up-to-date with security patches.

Put another way, individual residential home broadband ISP or mobile internet users are arguably at much greater risk from your common run-of-the-mill hacker types or virus infections. The Russian government is probably the least of your concerns and as always, regardless of who is trying to screw up your online day, the best protection is always a strong defence and up-to-date software/hardware.

Mark-Jackson
By Mark Jackson
Mark is a professional technology writer, IT consultant and computer engineer from Dorset (England), he also founded ISPreview in 1999 and enjoys analysing the latest telecoms and broadband developments. Find me on X (Twitter), Mastodon, Facebook and .
Search ISP News
Search ISP Listings
Search ISP Reviews
Comments
17 Responses
  1. Avatar photo Sometimes but not always says:

    If at least they can help to have the proper bandwidth; I pay for “up to” 76 and the top here is a bit more of 50.

  2. Avatar photo Negan's Love Child says:

    Be afraid folks, be afraid….of MI5/GCHQ 🙂

    1. Avatar photo AnotherBot says:

      Nice try Russian bot…

  3. Avatar photo Mike says:

    I wondered how long it would be until they came out with this verbal diarrhoea

  4. Avatar photo James Johnson says:

    And the propaganda machine rolls on.
    Russia this, Russia that… let’s attack Assad on the suspected use of chemical weapons (despite the tactical motive for him to do so… he had all but won the area)… or was it let’s poke Russia via Assad.
    It truely seems that they are building opinion for a war with Russia.
    Personally… my firewalls and web services see the majority of hacking attempts from China… not Russia.

    1. Avatar photo Negan's Love Child says:

      Careful now…you’ll be accused of being a Russian bot lol

    2. Avatar photo DeejayVu says:

      I must agree, most hacking attempts on my server come from China

    3. Avatar photo Joe says:

      “let’s attack Assad on the suspected use of chemical weapons (despite the tactical motive for him to do so… he had all but won the area)”

      (sighs) Thats how he has repeatedly used CWs. You pound the enemy until you can pound no more then use CW to penetrate the bunkers/positions you can’t breach: (CWs (chemical dependant) sink.) The defenders surrendered immediately after the CW attack.

    4. Avatar photo Mike says:

      Chemical weapons???? You mean like various forms of gas our law enforcement and military use, at times on our own people?

    5. Avatar photo Bob Travers says:

      Russian Bot automated message…. Ah, but don’t be fooled by the IP info your Routers/Servers are harvesting on suspect attacks. The Russians are using China based Servers via VPN’s, Tor and Public Proxies to fool you into thinking they are connecting from China…. Have a nice day 🙂

    6. Avatar photo James Johnson says:

      There’s methods to detect if an attack is being proxied… most basic being latency difference between you and their proxy vs them and you.
      This is my profession. I’m not an amateur.
      Have a nice day also.

    7. Avatar photo Whistle Star says:

      I find this really interesting. Could I tell this from my ISP provided Router or would I need a business device to check the basic latency to confirm if I am being attacked from China or Russia?

  5. Avatar photo Jigsy says:

    Considering how slow my connection is, I’d be impressed if they could access it.

  6. Avatar photo J.D says:

    Funny, 3 days ago someone used my eBay account to buy various goods and shipped them to Russia…gladly eBay is great with customer service and my money was refunded.

    1. Avatar photo Andy says:

      it wasnt chemical weapons was it?

  7. Avatar photo Oggy says:

    If Putin wants to know I have the occasional look at Pornhub then good luck to him.

    That’s the most interesting thing that happens on my connection, apart from occasionally posting on here of course.

    In the UK we’ve always got to try and paint someone as the bad guy, as the infiltrator trying to drag us down. We’ve been doing it for decades. I’m surprised more people haven’t seen the real threat to the UK people and that is the UK government.

  8. Avatar photo David says:

    All very interesting:
    “Many of the techniques used by Russia exploit basic weaknesses in network systems”

    Now what does this mean? PGP back in the 90’s when exported outside the USA/Canada with back-doors, Cisco equipment with “government only” back-doors among other company’s

    Lets not forget the NSA that lost it’s “SMB” zero day exploit and someone added ransomware to it taking down the NHS and other systems everywhere

    Just to end with lets not forget the “Home Office” and the “FBI” wanting a “government only” decryption key for everything that will to totally safe, yeah right!

    Yes Russia and others are using Cyber attacks, that’s not new but when they give statements lets not forget there are some normal vulnerability and always will be, but what about the “added extras” you also have and last the amount of “sensitive” data company’s like talk-talk hold on people and then loose it or Facebook………where is the actual risk from, I get lost as the UK and US governments are collecting everything anyway, wheres that going?

    Oh I almost forgot how about the CPU bugs and talking about bugs, cellphone anyone?

    Have a nice day

Comments are closed

Cheap BIG ISPs for 100Mbps+
Community Fibre UK ISP Logo
150Mbps
Gift: None
Virgin Media UK ISP Logo
Virgin Media £24.00
132Mbps
Gift: None
Shell Energy UK ISP Logo
Shell Energy £26.99
109Mbps
Gift: None
Plusnet UK ISP Logo
Plusnet £27.99
145Mbps
Gift: None
Zen Internet UK ISP Logo
Zen Internet £28.00 - 35.00
100Mbps
Gift: None
Large Availability | View All
Cheapest ISPs for 100Mbps+
Gigaclear UK ISP Logo
Gigaclear £15.00
150Mbps
Gift: None
YouFibre UK ISP Logo
YouFibre £19.99
150Mbps
Gift: None
Community Fibre UK ISP Logo
150Mbps
Gift: None
BeFibre UK ISP Logo
BeFibre £21.00
150Mbps
Gift: £25 Love2Shop Card
Hey! Broadband UK ISP Logo
150Mbps
Gift: None
Large Availability | View All
The Top 15 Category Tags
  1. FTTP (5473)
  2. BT (3505)
  3. Politics (2525)
  4. Openreach (2291)
  5. Business (2251)
  6. Building Digital UK (2234)
  7. FTTC (2041)
  8. Mobile Broadband (1961)
  9. Statistics (1780)
  10. 4G (1654)
  11. Virgin Media (1608)
  12. Ofcom Regulation (1451)
  13. Fibre Optic (1392)
  14. Wireless Internet (1386)
  15. FTTH (1381)

Helpful ISP Guides and Tips

Promotion
Sponsored

Copyright © 1999 to Present - ISPreview.co.uk - All Rights Reserved - Terms , Privacy and Cookie Policy , Links , Website Rules , Contact
Mastodon