In a joint announcement made today, the United Kingdom and United States governments warned their citizens to be wary of the increased risk of Russian cyber attacks. This warning is directed at federal and state agencies, as well as private citizens and corporations. The warning calls for known vulnerabilities to be patched, removed, or mitigated if they can’t be safely dealt with. Both governments would like to see preparedness plans from companies, as well as their plans for what to do if their networks are successfully breached. The governments reiterated that they will respond in kind to cyber attacks from national actors, using the full wealth of the resources at their disposal. Nationally backed cyber attacks have become increasingly prevalent in recent years, with most countries having a cyber warfare group. Russia has APT 28, the United States has the NSA, Air Force, and its cyber warfare divisions, while China has PLA Unit 61398.
These cyber warfare groups are on the front lines of the growing global cyber war that’s been heating up for years now. The joint statement noted that the current Russian MO is to piggyback malware into inconspicuous locations to gain access to greater systems. What this means is that personal phones, routers, and email addresses are all used to infect personal devices. These devices come in contact with other personal networks, which spreads the infection, or they reach business/government networks and burrow into those. The injection methods for this network of malware are usually overseas communications and travel. There have been documented cases where power outlets, as in the thing with (usually) three prongs, have infected phones that were plugged into them to charge. Any variant of USB charging cable, which is what all smartphones use, allows an attacker to infect a device that’s been plugged into a modified outlet. These sorts of attacks are also prevalent inside the United States at USB charging stations found in public areas. USB charging makes your devices vulnerable and there isn’t much of a defense against it, as that area of cyber attack is relatively new.
Emails from overseas can be dangerous as well, as national cyber groups may attach malware to outgoing emails, or modify them, so that malware rides along in trusted email communications. Or they might attempt a spearphishing attack against individuals and groups, something that’s been seen in the past, particularly from Iran. Communications safety is always important, and is going to become increasingly important as time goes on and more attacks happen. Multi-factor verification is a simple procedure that any organization or individual can set up to increase the safety of their accounts.
Max is a Legal Assistant and author residing in the Philadelphia area. He has been writing for AskCyberSecurity.com since early 2017.