The Department of Homeland Security, FBI and United Kingdom’s National Cyber Security Centre issued a joint Technical Alert on the “worldwide cyber exploitation of network infrastructure devices (such as a) router, switch, firewall, Network-based Intrusion Detection System (NIDS) devices by Russian state-sponsored cyber actors.”
Officials said that targets are primarily government and private-sector organizations, critical infrastructure providers, and the Internet service providers (ISPs) supporting these sectors. It also contains “indicators of compromise and “contextual information regarding observed behaviors on the networks of compromised victims.”
“FBI has high confidence that Russian state-sponsored cyber actors are using compromised routers to conduct man-in-the-middle attacks to support espionage, extract intellectual property, maintain persistent access to victim networks, and potentially lay a foundation for future offensive operations,” the report states.
“The current state of U.S. network devices—coupled with a Russian government campaign to exploit these devices—threatens the safety, security, and economic well-being of the United States.”
The entire Technical Alert can be found here.
Click here to follow Daily Voice Tappan-Blauvelt and receive free news updates.