For its first year in office, the Trump administration seemed soft on Russia's hyper-aggressive hackers, reluctant even to point out they'd brazenly meddled in the US election. Then, just two months ago, the White House suddenly came out swinging, calling out Russia for its massively disruptive NotPetya malware and intrusions into the US power grid, and imposing new sanctions in response. Now, in its latest warning to Russia over its hacking bonanza, the White House may have confused the message again, this time in the other direction: By scolding Russia not for its uniquely destructive hacking activities, but by all appearances for the kind of cyberespionage many governments do—including the US.
An alert issued jointly by the Department of Homeland Security, the White House, the FBI and the UK's National Cyber Security Center on Monday warned that hackers tied to the Russian government have attempted to compromise millions of routers and firewalls across the internet, from enterprise-focused network equipment to the humble routers in homes and small businesses across the world. The report warns that the attacks "enable espionage and intellectual property [theft] that supports the Russian Federation’s national security and economic goals," and offers technical advice about how to detect and stop those attacks.
"When we see malicious cyberactivity, whether Kremlin or other nation state actors, we are going to push back," said White House cybersecurity coordinator Rob Joyce in a call with reporters. (The call came just hours before reports surfaced that Joyce is resigning his White House position.) "We condemn this latest activity in the strongest possible terms," added senior DHS official Jeanette Manfra.
'Saying that home routers with default passwords are getting owned is like saying that thieves are picking up unattended money