🕵Russian State-Sponsored Cyber Actors Targeting Network Infrastructure Devices Systems Affected

🕵Russian State-Sponsored Cyber Actors Targeting Network Infrastructure Devices Systems Affected

  1. Generic Routing Encapsulation (GRE) Enabled Devices
  2. Cisco Smart Install (SMI) Enabled Devices
  3. Simple Network Management Protocol (SNMP) Enabled Network Devices

Overview

This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS), the Federal Bureau of Investigation (FBI), and the United Kingdom’s National Cyber Security Centre (NCSC).

This TA provides information on the worldwide cyber exploitation of network infrastructure devices (e.g., router, switch, firewall, Network-based Intrusion Detection System (NIDS) devices) by Russian state-sponsored cyber actors.

Targets are primarily government and private-sector organizations, critical infrastructure providers, and the Internet service providers (ISPs) supporting these sectors.

US-CERT

https://www.us-cert.gov/ncas/alerts/TA18-106A

US, UK Say Russian Hackers Targeting Vulnerable Routers – Law360

https://www.law360.com/ip/articles/1033989

US, UK say Russia targets internet hardware for espionage – seattlepi.com

https://m.seattlepi.com/business/technology/article/US-UK-say-Russia-targets-internet-hardware-for-12839031.php