Friday, 25 May 2018

Reuters/Jim Finkle and Pavel Polityuk: U.S. seeks to take control of infected routers from hackers

Reuters

Technology News
May 23, 2018 / 1:03 PM / 2 days ago

U.S. seeks to take control of infected routers from hackers
Jim Finkle, Pavel Polityuk

3 Min Read

TORONTO/KIEV (Reuters) - The U.S. government said late on Wednesday that it would seek to wrestle hundreds of thousands of infected routers and storage devices from the control of hackers who security researchers warned were planning to use the “botnet” to attack Ukraine.

A federal judge in Pennsylvania gave the FBI permission to seize an internet domain that authorities charge a Russian hacking group known as Sofacy was using to control infected devices.

The order allows them to direct the devices to communicate with an FBI-controlled server, which will be used to query location to pass on to authorities around the globe who can remove malware from infected equipment.
Related Coverage

    Ukraine cyber police aware of possible new threat: police chief
    Ukraine cyber police aware of possible new threat: police chief
    Ukraine warns of massive cyber attack before Champions League final
    Ukraine warns of massive cyber attack before Champions League final

“This operation is the first step in the disruption of a botnet that provides the Sofacy actors with an array of capabilities that could be used for a variety of malicious purposes, including intelligence gathering, theft of valuable information, destructive or disruptive attacks, and the misattribution of such activities,” Assistant Attorney General for National Security John Demers said in a statement.

The U.S. government announced the takedown effort after Cisco Systems Inc (CSCO.O) early on Wednesday released a report on the hacking campaign that it said targeted devices from Linksys, MikroTik, Netgear Inc (NTGR.O), TP-Link and QNAP. (bit.ly/2LpHoXa)

Cisco said the largest number of infections from the VPNFilter malware were in Ukraine, which led it to believe Russia was planning an attack on that country.
Slideshow (3 Images)

Cisco shared technical details with the United States and Ukraine governments as well as rivals who sell security software, hardware and services.

Ukraine’s SBU state security service responded to the report by saying it showed Russia was readying a large-scale cyber attack ahead of the Champions League soccer final, due to be held in Kiev on Saturday.
Cisco Systems Inc43.68
CSCO.ONasdaq
+0.03(+0.07%)
CSCO.O

    CSCO.ONTGR.O

Cyber security firms, governments and corporate security teams closely monitor events in Ukraine, where some of the world’s most costly and destructive cyber attacks have been launched.

The Kremlin did not respond to a request for comment.

Russia has denied assertions by nations including Ukraine and Western cyber-security firms that it is behind a massive global hacking program that has included attempts to harm Ukraine’s economy and interfering in the 2016 U.S. presidential election.

Netgear and Linksys advised customers to make sure their routers are patched with the latest version of its firmware.

MikroTik, TP-Link and QNAP could not be reached.

Reporting by Jim Finkle in Toron to and Pavel Polityuk in Live; Writing by Jim Finkle and Jack Stubbs; Editing by Mark Heinrich and Jeffrey Benkoe
Our Standards:The Thomson Reuters Trust Principles.

    AppsNewslettersAdvertise with UsAdvertising GuidelinesCookiesTerms of UsePrivacy

All quotes delayed a minimum of 15 minutes. See here for a complete list of exchanges and delays.

© 2018 Reuters. All Rights Reserved.
About Cookies On The Site
We use cookies to personalize and enhance your experience on our site. Visit our Privacy Policy for more information on our data collection practices. By clicking Accept, you agree to our use of cookies for the purposes listed in our Cookie Consent Tool.

No comments: