The United States and Britain have warned of a global cyber attack, blaming Russian government-backed hackers for a campaign on government agencies, businesses and critucal infrastructure operators.
Washington and London issued a joint alert, saying the widespread global campaign began in 2015 and could be escalated to launch offensive attacks.
The alert comes two months after the US and the UK accused Russia of carrying out the damaging "NotPetya" cyber attack in 2017 that unleashed a virus that crippled parts of Ukraine's infrastructure and damaged computers across the globe.
"When we see malicious cyber activity, whether it be from the Kremlin or other malicious nation-state actors, we are going to push back," said Rob Joyce, the White House cyber security coordinator.
Moscow has yet to comment but has denied previous accusations that it carried out cyber attacks on America and other countries.
Britain and the US said they issued the alert to help targets protect themselves and persuade victims to share information with government investigators so they can better understand the threat.
"We don't have full insight into the scope of the compromise," said Jeanette Manfra, a cyber security official for the US Department of Homeland Security.
The alert is unrelated to the suspected chemical weapons attack in Syria that prompted a US-led military strike over the weekend targeting facilities of the Russian-backed Syrian government, Joyce said.
US and British officials warned that infected routers could be used to launch future offensive cyber operations.
"They could be pre-positioning for use in times of tension," said Ciaran Martin, chief executive of the British government's National Cyber Security Centre cyber defence agency, who added that "millions of machines" were targeted.
Some private-sector cyber security experts have criticised Washington for being too slow to release information about cyber attacks.
A senior US official, speaking on condition of anonymity, said there had been a steady increase in Russian cyber attacks in recent years.
"It's harder to track, attribute and respond immediately to a cyber attack ... than it is to know who fired a missile," the official said.