Sat, 20 Oct 2018

Russia denies accusations of planting malware to spy on riva

By Sheetal Sukhija, Manchester News
19 Apr 2018, 05:01 GMT+10

MOSCOW, Russia - Russia has slammed at the U.S. and U.K., after they accused the country of internet tampering.

Fighting back against the accusations, a Kremlin spokesman called the claims “unfounded and feeble.”

The United States and Britain alleged that Russian agents have planted malware on key components of the internet to spy on rivals, steal trade and potentially launch cyberattacks.

Earlier this week, the U.S. Department of Homeland Security, the FBI and the U.K.'s National Cyber Security Centre issued a joint statement saying the main targets in the alleged tampering of routers and other networking equipment include "government and private-sector organizations," as well as providers of "critical infrastructure" and internet service providers.

Further, the U.S. Computer Emergency Response Team (US-CERT) issued a companion technical alert, which warned, "Victims were identified through a coordinated series of actions between U.S. and international partners.”

The alert noted that both nations have "high confidence" in the finding of Russian-sponsored cyber-meddling, which it said has been reported by multiple sources since 2015.

Meanwhile, Kremlin spokesman Dmitry Peskov called the accusations groundless and told reporters, "We don't know what these accusations are based on. Such accusations are typically thrown into the air and no one even bothers to offer any arguments (proof) anymore."

Peskov further noted, “We think such feeble accusations have lost all meaning.”

The US-CERT noted that the compromised routers can be exploited for "man-in-the-middle" spoofing attacks, in which communications are intercepted by a seemingly trusted device that has actually been infiltrated by an attacker.

It said in its alert, “The current state of U.S. network devices — coupled with a Russian government campaign to exploit these devices — threatens the safety, security, and economic well-being of the United States.”

According to cybersecurity experts, the kinds of exploits described in the US-CERT alert are commonly practiced by all nations engaged in offensive cyber espionage, including the U.S., Britain and Australia.

Further, the US-CERT urged affected companies, and public sector organizations and even people who use routers in home offices to take action to harden poorly-secured devices. 

However, its alert cited only one specific product: Cisco's Smart Install software.

Further, Jake Williams, a noted U.S. cybersecurity researcher said that it was difficult for him to understand the motivation for Monday's alert given that "the activity has been ongoing for some time."

Williams, who is the president of Rendition Infosec, said, “Calling the Russians out on this hardly makes much sense unless there's some other agenda (most likely political).”

Sign up for Manchester News

a daily newsletter full of things to discuss over drinks.and the great thing is that it's on the house!