博客

[FCE] Britons warned about Russian hackers targeting internet routers for espionage

收听本期播客

阅读正文

The UK’s National Cyber Security Centre (NCSC) has issued a significant warning regarding widespread cyberattacks. Russian hackers are reportedly targeting commonly available internet routers, the devices used daily in countless homes and businesses, for purposes of espionage. This involves gathering confidential information for intelligence operations.

This form of cyberattack raises serious concerns due to its potential impact. Cybersecurity experts, such as Professor Alan Woodward, explain that a compromised router can allow hackers to steal users’ login credentials. Attackers could also redirect individuals to fraudulent websites, tricking them into believing they are accessing secure platforms like online banking, while actually stealing their data. Furthermore, a breach could grant access to other devices connected within the home network, such as smartphones or personal computers, searching for vulnerabilities. Routers are often referred to as ‘edge devices’ because they serve as the crucial link between a private network and the wider internet, yet their security is frequently overlooked.

The NCSC suggests these operations are ‘opportunistic,’ meaning hackers initially target a broad range of victims before identifying specific individuals or organisations with valuable intelligence. The group believed to be responsible is known as APT28, or Fancy Bear, a collective almost certainly linked to Russian intelligence services. This group has a documented history of major cyberattacks, including the 2015 breach of the German parliament, which resulted in the theft of sensitive emails and parliamentary schedules.

This ongoing threat highlights a larger issue within internet security. The United States recently implemented a drastic measure, banning the sale of all consumer-grade internet routers manufactured outside the country, citing unacceptable national security risks. US authorities noted that foreign-made routers have been exploited by malicious actors for espionage and intellectual property theft. However, privacy specialists caution that this ban might not fully resolve the problem, as many existing routers are older models that no longer receive essential security updates.

It is therefore vital for both individuals and small businesses to regularly update their router’s software and remain vigilant for any unusual network activity. As Professor Woodward emphasised, these critical devices are often neglected, yet they can become significant weak points. A notable example occurred in 2016 when hackers stole $80 million from Bangladesh’s central bank, partly by exploiting cheap, secondhand routers lacking proper security, which provided a gateway to the bank’s core network. Given our increasing reliance on these interconnected devices, protecting them is paramount.

阅读练习

1. What is the primary purpose of this article?

  • A. To warn about the US ban on foreign-made routers.
  • B. To explain how to update router software effectively.
  • C. To highlight the global threat of Russian hackers exploiting internet routers for espionage.
  • D. To detail the history of APT28’s cyberattacks on government institutions.

2. According to the article, why are internet routers commonly referred to as ‘edge devices’?

  • A. Because they are physically located on the edge of a building or network.
  • B. Because they represent the outermost layer of a home’s digital security.
  • C. Because they form a critical connection between a private network and the wider internet.
  • D. Because they are often overlooked and placed in less secure locations.

3. The NCSC describes the hackers’ operations as ‘opportunistic’ because the hackers initially:

  • A. target specific high-value individuals with known vulnerabilities.
  • B. search for any available routers before selecting targets with valuable intelligence.
  • C. wait for individuals to install outdated software, creating opportunities.
  • D. exploit vulnerabilities in newly released router models before patches are available.

4. In paragraph 2, what does the word ‘compromised’ mean in the context of a router?

  • A. It has been upgraded with new features.
  • B. It has reached an agreement with a cyber attacker.
  • C. It has been infected or taken control of by hackers.
  • D. It has had its security settings weakened by the user.

5. The example of the Bangladesh central bank hack in 2016 is provided to show that:

  • A. all central banks are vulnerable to attacks via their internet routers.
  • B. outdated or unsecured routers can lead to significant financial losses.
  • C. only large organisations are targeted by sophisticated state-sponsored hackers.
  • D. the US ban on foreign-made routers was a necessary measure.