Senior security officials in the United States and UK held a rare joint conference call to directly blame the Kremlin for targeting government institutions, private sector organisations and infrastructure, and internet providers supporting these sectors.
The goal of the announcement Monday was to warn corporations and individuals to protect themselves against attacks.
The officials said the attacks aren't always for espionage or to steal intellectual property, an d also to lay the foundation for seizing control of computer equipment to potentially launch future attacks.
Washington and London have detailed how Russian-backed hackers have been compromising network devices around the world since 2015.
Britain's National Cyber Security Centre, the US Department of Homeland Security and the Federal Bureau of Investigation issued a joint statement on the attack, which they said began in 2015 and could have laid the groundwork for further cyber attacks in the future.
FBI Deputy Assistant Director Howard Marshall said the activity is a part of a "repeated pattern of disruptive and harmful cyber action" carried out by Russian Federation.
Jeanette Manfra, DHS assistant secretary for cybersecurity, said the alert is a "call for all responsible nations to use their resources - including diplomatic, law enforcement, technical, and other means - to address the Russian cyber threat".
As tensions remain high over Russia's involvement in Syria, its alleged tampering in the 2016 United States election and the poisoning of a former Russian spy, the UK and U.S. say that Russia will be held accountable for the cyber-attacks.
"It's a tremendous weapon in the hand of an adversary", said Howard Marshall, FBI's deputy assistant director for cybersecurity.
"This is a global threat", Manfra said.
"They could be pre-positioning for use in times of tension", said Ciaran Martin, chief executive of the British government's National Cyber Security Centre cyber defense agency, who added that "millions of machines" were targeted. "We are pushing back and we are pushing back hard", he said.
These potential "victim networks" range from small-office and in-home systems to large private and public sector corporations.