Jens Asbjørn Bøgen
Wifi owners are urged to make sure their routers are up to date with the latest software.
A coordinated cyber effort involving Ukrainian and Western agencies has exposed a large-scale digital surveillance campaign conducted by Russia.
Authorities describe the operation as a significant step in limiting foreign intelligence access across multiple countries.
The Security Service of Ukraine (SBU), working with the FBI, Polish counterintelligence and other European law enforcement bodies, carried out the joint action.
According to the SBU, the investigation uncovered widespread interference linked to Russian military intelligence.
The probe found that attackers focused on poorly secured office and home Wi-Fi routers, often referred to as SOHO devices. These routers were selected for failing to meet modern cybersecurity standards.
Once access was gained, hackers redirected internet traffic through a network of controlled DNS servers. This allowed them to position themselves between users and the services they accessed online.
Targeting weak systems
Through this method, attackers were able to intercept passwords, authentication tokens and other confidential data.
Investigators say even communications protected by SSL and TLS encryption were at risk.
The SBU stated that the operation aimed to support cyberattacks, intelligence gathering and information sabotage. Particular interest was placed on communications involving Ukrainian government staff, military personnel and defense industry workers.
Officials said the scale of the activity extended beyond Ukraine, affecting foreign users whose devices were similarly vulnerable.
Disrupting the network
As part of the joint response, authorities blocked more than 100 servers and removed control over hundreds of compromised routers within Ukraine. The SBU said this significantly reduced the operational capacity of Russian intelligence actors.
The intervention also prevented potential damage to devices at the software level, which could have further disrupted communications infrastructure.
Efforts are ongoing to identify and prosecute those responsible, with international cooperation continuing.
Security advice issued
The SBU urged router owners to update device software immediately and apply all available security patches. Users are also advised to change passwords, disable remote access to router settings and review configurations for suspicious changes.
If devices are no longer supported by manufacturers, replacing them with newer models is strongly recommended.
Telecommunications providers have been asked to assist customers in strengthening their cybersecurity protections.
Sources: Security Service of Ukraine, FBI, European law enforcement agencies
