(Reuters) – The United States and Britain on Monday warned of a global cyber attack targeting routers and other networking equipment, blaming Russian government-backed hackers for the campaign on government agencies, businesses and critical infrastructure operators.
Washington and London issued a joint alert, saying the widespread, global campaign began in 2015 and could be escalated to launch offensive attacks.
The alert comes two months after the United States and Britain accused Russia of carrying out the damaging “NotPetya” cyber attack in 2017 that unleashed a virus that crippled parts of Ukraine’s infrastructure and damaged computers across the globe.
American and British officials said the attacks affected a wide range of organizations including internet service providers, private businesses and critical infrastructure providers. They did not identify any victims or provide details on the impact of the attacks.
“When we see malicious cyber activity, whether it be from the Kremlin or other malicious nation-state actors, we are going to push back,” said Rob Joyce, the White House cyber security coordinator.
The Kremlin did not immediately respond to a request for comment late on Monday. Moscow has denied previous accusations that it carried out cyber attacks on the United States and other countries.
U.S. intelligence agencies last year accused Russia of interfering in the 2016 election with a hacking and propaganda campaign supporting Donald Trump’s campaign for president. Last month the Trump administration blamed Russia for a campaign of cyber attacks stretching back at least two years that targeted the U.S. power grid.
Britain and the United States said they issued the alert to help targets protect themselves and persuade victims to share information with government investigators so they can better understand the threat.
“We don’t have full insight into the scope of the compromise,” said Jeanette Manfra, a cyber security official for the U.S. Department of Homeland Security.
The alert is unrelated to the suspected chemical weapons attack in a town in Syria that prompted a U.S.-led military strike over the weekend targeting facilities of the Russian-backed Syrian government, Joyce said.
U.S. and British officials warned that infected routers could be used to launch future offensive cyber operations.
“They could be pre-positioning for use in times of tension,” said Ciaran Martin, chief executive of the British government’s National Cyber Security Centre cyber defense agency, who added that “millions of machines” were targeted.
Some private-sector cyber security experts have criticized the U.S. government for being too slow to release information about cyber attacks. Monday’s announcement appears to reflect a desire to publicize a threat quickly and widely even before officials completely understand its breadth.
A senior U.S. official, speaking on condition of anonymity, said there had been a steady increase in Russian cyber attacks in recent years.
“It’s harder to track, attribute and respond immediately to a cyber attack … than it is to know who fired a missile,” the official said.
Reporting by Jim Finkle and Doina Chiacu; Additional reporting by John Walcott and Makini Brice in Washington and Jack Stubbs in Moscow; Editing by James Dalgleish