Russian state-sponsored cyber actors are exploiting routers and other network infrastructure devices worldwide to conduct man-in-the-middle attacks that specifically target critical infrastructure providers and other sectors, the U.S. Department of Homeland Security (DHS), the FBI, and the UK’s National Cyber Security Centre (NCSC) warned in a new joint technical alert.

In the U.S. Computer Emergency Readiness Team (US-CERT) report issued on April 16, and revised on April 18,  the FBI explicitly emphasizes it has “high confidence that Russian state-sponsored cyber actors are using compromised routers to conduct man-in-the-middle attacks to support espionage, extract intellectual property, maintain persistent access to victim networks, and potentially lay a foundation for future offensive operations.”

The report, a result of analytic efforts by the U.S. and UK entities that identifies victims through a coordinated series of actions between U.S. and international partners, urges readers to act on past alerts and advisories issued by the U.S., the UK, and “allied governments,” along with reports issued by network device manufacturers and private sector security organizations.…

Read More »