US and UK warn that Russian state hackers




are attacking network equipment
The British NCSC has published a warning together with the American FBI and the Ministry of Homeland Security. In it, these services write that Russian state hackers carry out attacks on network equipment of companies and governments.

In the warning and a corresponding report, the services state that organizations within the critical infrastructure are among the targets, just like internet providers. The attacks would focus on network equipment such as routers, switches and firewalls. The state hackers would use devices that were taken over for man-in-the-middle attacks in order to ‘support espionage, steal intellectual property, maintain access to networks and possibly lay the foundation for future attacks’.

In the report, the services state that a successful attack does not always require zero-days, but that incorrect configuration or missing patches are also sufficient. In addition, devices such as routers would be ‘ideal targets’ because they allow network traffic to be tracked, intercepted and modified. According to the services, the attacks are preceded by exploration, in which ports for telnet, snmp and Cisco Smart Install are examined. Attacks on the Cisco service would be carried out with a tool that appeared online in November of 2016.

The report provides recommendations for measures to prevent attacks, as well as means for detection. According to The New York Times , it is the first joint warning of this kind. Government officials say to the newspaper that the report has been in the making for some time and that it is not a reaction to recent events.


In: A Technology & Gadgets Asked By: [23616 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »