Cybersecurity agencies from the US and eight allied nations warn that Russian state hackers are targeting vulnerable routers to compromise critical infrastructure. The advisory highlights risks across various sectors, including energy and healthcare, and offers mitigation strategies.
The United States and eight allied countries, including the UK, Canada, and Australia, have released a joint cybersecurity advisory. This report reveals ongoing targeted attacks by Russian state-sponsored hackers against critical infrastructure networks.
The advisory identifies the hacking group as Center 16 of the Russian Federal Security Service (FSB), known by multiple aliases such as Berserk Bear and Energetic Bear. These hackers are reportedly scanning for networks utilizing default or weak Simple Network Management Protocol (SNMP) passwords.
The advisory emphasizes sectors particularly vulnerable to these attacks, such as energy, communications, and healthcare. These industries could face significant disruptions if targeted by cyber intrusions.
Agencies encourage network defenders to implement specific defensive measures. Recommendations include upgrading to SNMPv3, disabling vulnerable features like Cisco's Smart Install, and enforcing strong, unique passwords.
The caution follows a previous operation against a different Russian group, APT28, which had infected numerous routers worldwide. The severity and scale of the current threat underscore the persistent risk posed by state-sponsored cyber activities.
β¨ This summary was generated by AI from the outlets' reporting listed below. It is not independently verified and may contain errors β check the original sources. How BrevFeed works β
Cybersecurity agencies from the US and eight allied nations warn that Russian state hackers are targeting vulnerable routers to compromise critical infrastructure. The advisory highlights risks across various sectors, including energy and healthcare, and offers mitigation strategies.