U.S. and Britain jointly accuse Kremlin of massive cyberattack on millions of routers, internet providers
On Monday, the U.S. and British governments accused the Kremlin of conducting a huge cyberattack on routers and other internet hardware around the world, with the presumed aim being economic and political espionage and possibly sabotage. In a first-ever joint U.S.-British cybersecurity alert, the FBI, U.S. Department of Homeland Security, and Britain's National Cyber Security Centre (NCSC) said the years-long campaign targeted millions of devices, primarily used by "government and private-sector organizations, critical infrastructure providers, and the internet service providers (ISPs) supporting these sectors."
"We have high confidence that Russia has carried out a coordinated campaign to compromise ... routers, residential and business — the things you and I have in our home," said Rob Joyce, the White House cybersecurity coordinator. Jeanette Manfra, the Homeland Security Department's chief cybersecurity official, added that the U.S. and Britain "condemn the actions and hold the Kremlin responsible for the malicious activities." The aim of the attack, which dates back at least to 2015, seems to be to "seize control" of internet infrastructure to intercept traffic moving through the routers of people and organizations, NCSC chief Ciaran Martin said. Australia also blamed the Kremlin on Monday for a cyberattack on hundreds of Australian companies in 2017.
The U.S. has become more aggressive in calling out Russia and other countries publicly for cyber-malfeasance, including a March 15 warning from the U.S. Computer Emergency Response Team (US-CERT) that Russian government "cyber actors" have tried to infiltrate U.S. agencies and companies that deal with power, water, aviation, and other critical sectors. But it isn't clear why the U.S. and Britain are issuing this new alert now, U.S. cybersecurity researcher Jake Williams tells The Associated Press. "Calling the Russians out on this hardly makes much sense unless there's some other agenda (most likely political)." Peter Weber
President Trump promised he'd have a report on Russia's interference in the election within 90 days. His time is up.
Exactly 90 days ago, Donald Trump was inaugurated as president of the United States. That means Thursday marks his administration's whiff on a major self-imposed deadline — one to assemble a team that would, within 90 days, assess claims of Russian interference in the presidential election and examine American cybersecurity. Trump made the promise repeatedly: "My people will have a full report on hacking within 90 days!" he tweeted Jan. 13.
The Intercept tried to check in last week to see how that was coming along:
Reached by phone, Senior Assistant White House Press Secretary Michael Short said, "I'm in the parking lot, I don't have an update" on the promised report. Asked when he might be able to provide an update, Short repeated, "I'm in the parking lot." Then he said "I've got to run" and hung up. [The Intercept]
Politico also had no luck:
The National Security Council would normally be involved in creating such a report. But on Wednesday, a NSC spokesperson told Politico that he was unaware if the NSC was in charge of compiling it, or if that responsibility fell to [Rudy Giuliani, who was tasked by Trump to build partnerships on cybersecurity with the private sector] — or if the report exists.
Giuliani is continuing his work talking to the private sector, but a spokesperson for the former New York City mayor confirmed that he is not involved in any 90-day report.
The White House spokesperson wouldn't directly address why the deadline was missed. [Politico]
Missing the cybersecurity deadline is of particular concern to critics, including Ned Price, who was a spokesman for the National Security Council under former President Barack Obama. Missing the deadline shows "a lackadaisical approach to what intelligence officials have routinely said is our biggest national security threat," Price told Politico. "It speaks to the level of priority that this administration apparently has attached to cybersecurity, which apparently isn't much." Jeva Lange
The Senate Armed Services Committee convenes Thursday morning to hear testimony from U.S. intelligence officials concerning "foreign cyberthreats to the United States," The New York Times reports.
Sen. John McCain (R-Ariz.) is the committee's chairman and has been vocally at odds with President-elect Donald Trump, blaming Russia for Democratic hacks during the election. Trump, citing WikiLeaks founder Julian Assange, has denied such claims.
The committee will hear from National Intelligence Director James Clapper Jr., Undersecretary of Defense for Intelligence Marcel Lettre, and Adm. Michael Rogers, of the National Security Agency and United States Cyber Command. "The point of this hearing is to have the intelligence community reinforce from their point of view that the Russians did this," said Sen. Lindsey Graham (R-S.C.), who is also on the committee. McCain has warned, "You try to subvert a nation's ability to determine its leaders and its democratic process, that's an act of war."
Democrats on the committee include Sen. Jack Reed (R.I.) and Sen. Elizabeth Warren (Mass.). Jeva Lange
A massive cyberattack in late October took down major websites across the United States. Now, some security experts are warning that another attack could be coming — and this time it might be aimed at keeping voters from the polls on Nov. 8.
Adam D'Angelo, the CEO of Quora and formerly the chief technology officer at Facebook, said that if there is a "rush attack" Tuesday morning, voters may not be able to find their precinct. "Everybody should do screenshots on your phone, or just memorize [the address]," D'Angelo told The Daily Beast. "People who are campaigning, knocking on doors, those people should be prepared."
A distributed denial of service (DDoS) attack like the one in October could also disable services like Google or Apple Maps, making it hard to navigate to your polling area if you don't know where you're going.
As for who might try to execute such an attack, D'Angelo said many have the motivation. "I definitely believe it's possible to affect the number of people who turn out to vote. There's a lot of data saying that when you make things a little bit harder, fewer people turn out," he said. And that makes it appealing to everyone from domestic hackers and pranksters to international agents to disrupt the vote.