This morning, reports surfaced that UK Prime Minister Theresa May has been briefed on possible incoming Russian-based cyberattack that could lead to the release of compromising information about the country's lawmakers. But the threat has been expanded beyond gaining leverage on politicians. UK cyber intelligence agency NCSC, the FBI and the DHS have jointly accused Russian-based attackers of engaging a campaign for months trying to compromise routers, switches and firewalls around the world to hijack the Internet's infrastructure.
Globally, this effort had targeted millions of machines to spy on ISP customers, organizations and government agencies. The attack strategy let Russia peer at the data passing through the compromised devices, whether that be business or intelligence-related. It had also let attackers cripple firewalls and intrusion detection systems that organizations use to flag malicious internet traffic, according to the BBC. Any compromised hardware might even be used as a foundation for future attacks, the alert theorized.
The joint warning stated stated that the main targets have been ISPs, firms running 'critical infrastructure,' government departments and big companies. Finally, the alert outlined what erratic hardware behavior should indicate a device has been compromised. The report didn't identify which companies have been affected, nor the number of devices that have been hacked.