Posted on 04/18/2018 6:28:42 AM PDT by COBOL2Java
This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS), the Federal Bureau of Investigation (FBI), and the United Kingdom's National Cyber Security Centre (NCSC). This TA provides information on the worldwide cyber exploitation of network infrastructure devices (e.g., router, switch, firewall, Network-based Intrusion Detection System (NIDS) devices) by Russian state-sponsored cyber actors. Targets are primarily government and private-sector organizations, critical infrastructure providers, and the Internet service providers (ISPs) supporting these sectors. This report contains technical details on the tactics, techniques, and procedures (TTPs) used by Russian state-sponsored cyber actors to compromise victims. Victims were identified through a coordinated series of actions between U.S. and international partners. This report builds on previous DHS reporting and advisories from the United Kingdom, Australia, and the European Union. [1-5] This report contains indicators of compromise (IOCs) and contextual information regarding observed behaviors on the networks of compromised victims. FBI has high confidence that Russian state-sponsored cyber actors are using compromised routers to conduct man-in-the-middle attacks to support espionage, extract intellectual property, maintain persistent access to victim networks, and potentially lay a foundation for future offensive operations.
DHS, FBI, and NCSC urge readers to act on past alerts and advisories issued by the U.S. and U.K. Governments, allied governments, network device manufacturers, and private-sector security organizations. Elements from these alerts and advisories have been selected and disseminated in a wide variety of security news outlets and social media platforms. The current state of U.S. network devices, coupled with a Russian government campaign to exploit these devices, threatens the safety, security, and economic well-being of the United States.
(Excerpt) Read more at us-cert.gov ...
Further details at the site.
One more danger of an insecure internet. Computers due to irresponsibility are a bigger threat to civilized society than an aide.
Good stuff, thank you.
Thanks for posting.
However, with the digital gangbang suffered via the Chinese hacking the Office of Personnel Management, the Veterans Administration, Yahoo, and now with the Zuckerberg operation, I am assured that the Russians “are too late to the party”.
Cisco devices. Interesting.
Plug-n-play routers! A wardriver's dream!
ID: admin
Password: password
Woo hoo!
All ports open? Yeah, baby!
If these network devices were properly configured to begin with, there would be no issue.
Unfortunately, many of the idiots responsible for proper configurations and security practices are also responsible for the network that runs critical infrastructure.
Power, Sewer, Water, Communications, Banking etc.