Russian Hackers Targeting Infrastructure, US, UK Governments Warn

Today’s topics include the U.S. and U.K. governments warning of increasing Russian infrastructure attacks, and Microsoft Windows Defender fighting phishing on Google Chrome.

In the first joint statement of its kind, the U.S. Computer Emergency Readiness Team within the Department of Homeland Security and the National Cyber Security Centre within the UK’s General Communications Headquarters have issued a Technical Alert to warn users of an ongoing campaign by Russian state-sponsored hackers to target network infrastructure.

The targets are infrastructure devices at all levels, including routers, switches, firewalls and network intrusion detection systems.

According to the alert, the Russian attackers are depending on weak security, legacy protocols and service ports intended for administration purposes. When hackers gain access to vulnerable devices in an attack, they masquerade as privileged users, which allows them to modify the operations of the devices so they can copy or redirect traffic to Russian infrastructure.

Microsoft is bringing the technology it uses to keep users of its Edge browser safe to Google’s Chrome browser. Available now in the Chrome Web Store, the new Windows Defender Browser Protection extension for Google Chrome monitors web pages to help users avoid phishing schemes and socially engineered attempts to lure them to malware-tainted sites.

According to Microsoft, "If you click a malicious link in an email or navigate to a site designed to trick you into disclosing financial, personal or other sensitive information, or a website that hosts malware, Windows Defender Browser Protection will check it against a constantly updated list of malicious URLs known to Microsoft.”

Should a user click on a link that appears on that list, the extension will then show a red warning screen with a button that leads back to safety.