FBI Announces Operation Masquerade
Why It Matters
Operation Masquerade curtails a massive Russian espionage campaign, safeguarding U.S. government, military and private data while demonstrating coordinated, offensive cyber defense.
Key Takeaways
- FBI and DOJ launch Operation Masquerade against routers hijacked by the Russian GRU.
- GRU hijacked DNS on millions of consumer and SMB routers worldwide.
- FBI restored DNS settings, cut GRU access, and collected evidence.
- Operation tested to avoid disrupting legitimate traffic or user data.
- Multi‑nation PSA released with NSA detailing GRU tactics and defenses.
Summary
Operation Masquerade, announced by FBI Cyber Division head Brett Leatherman, is a coordinated effort with the DOJ and international partners to neutralize a Russian GRU‑run DNS hijacking campaign that has compromised millions of consumer and small‑business routers worldwide.
The FBI disclosed that the GRU redirected traffic from phones, laptops and other devices to its own infrastructure, intercepting encrypted communications and stealing credentials. Using a court‑authorized technical operation, agents reverted malicious DNS settings, cut off GRU access, and collected forensic evidence while ensuring routers remained functional for legitimate users.
Leatherman emphasized that extensive testing preceded the rollout to avoid service disruption, and highlighted a newly released public‑service announcement co‑authored with the NSA and 15 allied nations that details the adversary’s tactics and offers defensive guidance.
The operation marks a rare, proactive intrusion into foreign‑controlled infrastructure, signaling a shift toward offensive cyber defense, bolstering protection of critical U.S. networks, and reinforcing multinational collaboration against state‑sponsored cyber threats.