Britain's National Cyber Security Centre (NCSC), the Federal Bureau of Investigation, and the U.S. Department of Homeland Security (DHS) issued a joint alert on April 16, warning that the global campaign could be escalated to launch future offensive attacks.
Though the governments are not sure how many devices have been compromised by the hackers nor what the objective is, the targeting affects millions of devices globally, officials said on a call with reporters Monday morning. Any compromised hardware might even be used as a foundation for future attacks, the alert theorized.
This could be used be used to mount a future offensive, it warned.
"When we see malicious cyber activity, whether it be from the Kremlin or other malicious nation-state actors, we are going to push back", said Rob Joyce, the White House cyber security coordinator.
No sanctions or penalties were announced Monday, and the alert is unrelated to expected sanctions on Russian Federation in coming days, though Joyce reiterated that "all elements of United States power are available to push back" on such hacking efforts. Second, this type of attack strategy lets Russian Federation peer at the data that's passing through compromised devices, whether it's personal of business related.
There were reports that the Pentagon had detected a 2,000% increase in Russian-linked bots on social media in the hours after Saturday's strikes.
It's warned that a Russian government campaign to exploit these devices threatens safety, security, and economic well-being of the United States and the UK.
Martin said the attacks could be designed for spying, stealing intellectual property or possibly "prepositioning for use in times of heightened tension".
American and British officials said the attacks affected a wide range of organizations including internet service providers, private businesses and critical infrastructure providers. "This isn't an isolated incident by any stretch and should be viewed in the totality of Russian malicious cyber activity".
Taylor said while the devices could have been used to access sensitive data, there was "no indication" Australian information had been compromised.
The advice given to firms has included ways to configure their systems correctly and how to apply patches to address hardware vulnerabilities. Further intelligence about the attacks had been added by "multiple" cyber-security organisations and companies, he added.
"The UK government will continue to work with the USA, other global allies and industry partners to expose Russia's unacceptable cyber behaviour, so they are held accountable for their actions".