Hackers associated with some of Russia's most prolific cyber espionage units have over the last year been leveraging a vulnerability in older Cisco software to target thousands of networking devices associated with critical infrastructure IT systems, the FBI and Cisco said on Wednesday.
Hackers working within the Russian Federal Security Service (FSB) Center 16 are extracting "device configuration information en masse, which can later be leveraged as needed based on then-current strategic goals and interests of the Russian government," Cisco Talos researchers Sara McBroom and Brandon White wrote in a threat advisory published to the company's blog.
In a separate advisory, the FBI said that over the last year it had detected the hackers collecting configuration files "for thousands of networking devices associated with U.S. entities across critical infrastructure sectors."
In some cases the configuration files are modified to enable long-term access for the hackers, who use that access to conduct reconnaissance in targeted networks, with a particular interest in industrial control systems.
The Russian embassy in Washington did not respond to a request for comment. Moscow denies conducting cyber espionage operations.
The hackers are exploiting a seven-year-old vulnerability in Cisco IOS software, targeting unpatched and end-of-life network devices, according to a separate threat advisory published on Wednesday by Cisco Talos, Cisco's threat intelligence research unit.
Other state-backed hackers are likely conducting similar hacking operations targeting the devices, the Cisco Talos researchers wrote.
Organizations within the telecommunications, higher education and manufacturing sectors across North America, Asia, Africa and Europe have been most targeted, "with victims selected based on their strategic interest to the Russian government," the researchers said.
The hacking unit linked to the activity has been operating for at least a decade, according to the researchers, and is likely a subgroup within the FSB's Center 16. In March 2022 the U.S. Department of Justice charged four Russian nationals within the group with illegally targeting the global energy sector between 2012 and 2018.