UK and US spies issued an unprecedented joint alert over Russian-sponsored cyber attacks on Monday, confirming “millions” of devices have been infected by “hostile” hackers.
Officials said that Kremlin-backed aggressors have accessed computer routers around the world as part of a cyber espionage campaign that targeted government agencies, businesses and critical infrastructure operators.
The attacks targeted routers that form a key part of the internet infrastructure, in a move that could be used in the future to launch offensive attacks.
Worryingly, the style of attack detected means hackers have permanent access to the networks they have infiltrated.
For example, it means viruses could lie dormant for years before they are activated.
The chief of Britain’s National Cyber Security Centre (NCSC) based at GCHQ in Cheltenham, Glos, said Russia was “our most capable hostile adversary in cyberspace” and that “dealing with their attacks is a major priority” for British and American spooks.
Describing the escalation of the Russian cyber threat, NCSC boss Ciaran Martin said: “This is the first time that in attributing a cyber attack to Russia the US and the UK have, at the same time, issued joint advice to industry about how to manage the risks from attacks.
“It marks an important step in our fight back against state-sponsored aggression in cyberspace.
“For over twenty years, GCHQ has been tracking the key Russian cyber-attack groups and today’s joint UK-US alert shows that the threat has not gone away.
“The UK government will continue to work with the US, other international allies and industry partners to expose Russia’s unacceptable cyber behaviour, so they are held accountable for their actions.
“Many of the techniques used by Russia exploit basic weaknesses in network systems.
“The NCSC is leading the way globally to issue advice and automate defences at scale to remove those basic attacks, thereby allowing us to focus on the most potent threats.”
A Government spokesperson said: “This is yet another example of Russia’s disregard for international norms and global order – this time through a campaign of cyber espionage and aggression, which attempts to disrupt governments and de-stabilise business.
“The attribution of this malicious activity sends a clear message to Russia – we know what you are doing and you will not succeed.
“This Government will stand steadfast alongside its allies to counter this threat and our world-leading experts at the National Cyber Security Centre will continue to strengthen our cyber security capabilities and protect UK interests.”
The Sunday Times reported this weekend that the UK is poised to consider a retaliatory attack should Russia launch a coordinated cyber hack.
Britain’s relations with Russia are at a historic low, after it blamed Russia for a nerve agent attack on former Russian spy Sergei Skripal and his daughter Yulia in Salisbury, Wiltshire, prompting mass expulsions of diplomats.
Russia has denied involvement, and on Saturday also condemned strikes against Syria by Western powers, which Theresa May on Monday defended in the House of Commons.
There were reports that the Pentagon had detected a 2,000% increase in Russian-linked bots on social media in the hours after Saturday’s strikes.
Meanwhile top spies are said to be bracing themselves for the release of so-called “kompromat” material gathered via cyber hacking.
Such material could be used to embarrass senior officials and politicians.