Officials said the attacks could be used for espionage or intellectual property theft. | Getty U.S. pins yet another cyberattack on Russia

The U.S. on Monday accused Russia of yet another global cyberattack, pinning a mounting assault on networks on the Kremlin.

The announcement, made jointly with the United Kingdom, is the latest in a growing string of cases where Western governments have pointed a finger at Moscow for high-profile digital malfeasance — a significant shift in digital deterrence strategy. For years, governments withheld from publicly blaming other nation-states for online attacks, fearful of misidentifying the perpetrator and of having their own digital behavior exposed in retaliation.


But Monday's move is the fifth time in recent years that the U.S. government has called out the Kremlin for its digital behavior, either through agency statements or criminal indictments.

Ciaran Martin, head of the British National Cyber Security Centre, called the joint accusation evidence of "a significant moment in the transatlantic fight back against Russian aggression in cyberspace," during a call with reporters.

The newly disclosed attacks targeted "network infrastructure devices" — routers, switches and firewalls, officials said. They are meant to gain access to government and critical infrastructure targets, they added.

"It is a tremendous weapon in the hands of an adversary," said Rob Joyce, White House cybersecurity coordinator, during the call.

Morning Cybersecurity A daily briefing on politics and cybersecurity — weekday mornings, in your inbox. Email Sign Up By signing up you agree to receive email newsletters or alerts from POLITICO. You can unsubscribe at any time. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

U.S. and U.K. officials briefing reporters said the attacks could be used for espionage or intellectual property theft or for laying the groundwork for destructive attacks should tensions escalate. But they said they had no insight into the scope of how successful the attacks have been.

"Once you own the router, you own the traffic that's traversing the router," said Jeanette Manfra, the Homeland Security Department's assistant secretary for cybersecurity and communications.

One of the way the attackers are hijacking routers is via a recently revealed flaw in networking software made by the tech conglomerate Cisco, Manfra explained.

Cisco researchers had said they believed Russian government hackers might be using the vulnerability to try and access critical infrastructure.

The flaw was also exploited in an attack that targeted Iranian networks, leaving behind the image of a U.S. flag and a warning: "Don't mess with our elections." Researchers have suggested the assault was a false flag operation designed to make it look like the U.S. was responsible.

Monday's action adds to a growing list of cyber campaigns the U.S. government has pinned on Russia.

In its waning days, the Obama administration publicly blamed Russia for hacking Democratic targets during the 2016 election, and for using social media platforms to spread misinformation meant to sow discontent during the presidential race.

And despite President Donald Trump's regular equivocation about Russia's involvement in the election hacking, his administration has continued blaming Moscow for other major cyberattacks.

In March of 2017, the Justice Department took the landmark step of indicting two Russian spies for hacking into tech giant Yahoo and stealing data on 500 million users.

In February, the U.S. joined with its intelligence allies to blame the Kremlin for orchestrating the 2017 NotPetya malware outbreak, which disrupted operations at Ukraine’s central bank, the main airport in Kiev and the Chernobyl nuclear power plant. The White House called it "the most destructive and costly cyberattack in history."

And just last month, the U.S. issued a detailed report, describing a wide-reaching Russian campaign to infiltrate networks operating critical infrastructure around the world, including U.S. and European nuclear power plants and the electricity grid.

Joyce said the White House got involved in the latest joint alert "to give it the gravitas and attention of the whole of U.S. government."

He added the U.S. response could include a range of activities, such as a report published Monday afternoon detailing how to defend against the attack, a new round of sanctions, indictments or offensive cyber retaliation.

The Trump administration has already sanctioned Russia for its ongoing digital actions, including the election hacking and the NotPetya attack, issuing a new round of penalties in March targeting 24 Russian entities and individuals.

