The US Department of Homeland Security (DHS), the Federal Bureau of Investigation (FBI) and the UK's National Cyber Security Center (NCSC) issued a warning for hacking attacks by Russians.
These attacks are carried out on routers and other internet-connected devices used in homes, small businesses and large organizations reporting that they are vulnerable to cyber attacks.
The hacking campaign, according to researchers, targets routers and other networking devices with man-in-the-middle attacks aimed at cyber espionage, theft of intellectual property and the maintenance of permanent access to victims' networks for use in further attacks.
The warning from the NCSC (belongs to the secret service GCHQ) reports that systems with Generic Routing Encapsulation (GRE), and Cisco Smart Install (SMI) enabled, as well as devices using Simple Network Management Protocol (SNMP) are vulnerable to attacks.
Millions of these devices around the world are reported to have been tampered with, and especially those that used the default passwords.
The warning includes details on how to secure devices that use the services: Telnet, SNMP, TFTP, and SMI while Cisco has published a set of best practices for "hardening its anti-cyber attack devices targeting network infrastructure."
The NCSC warning states:
Network devices are very often easy targets. Once installed, many of these network devices do not provide solutions security devices such as computers.
He states that few of these devices have any antivirus or security tools and that "manufacturers are manufacturing and distributing these network devices with unsafe services that allow easy installation, operation and maintenance."
The report encourages manufacturers not to design products that support legacy protocols or non-encrypted features and to design these devices to require users to change their default passwords before using them.
Οι αρχές των Ηνωμένων Πολιτειών και του Ηνωμένου Βασιλείου δεν έχουν αναφέρει γιατί αποδίδουν όλες αυτές τις επιθέσεις στο Κρεμλίνο, αλλά δήλωσαν ότι “πιστεύουν πως το κράτος της Russiaς βρίσκεται πίσω από αυτήν την κακόβουλη δραστηριότητα στον κυβερνοχώρο που στοχεύει ευπάθειες συσκευών υποδομής δικτύου.”
The Russian embassy in the United Kingdom rejected the allegations:
We consider these accusations and accusations, impressive examples of a reckless, provocative and unfounded policy against Russia
On the other hand, Jeremy Fleming, director of the UK Information Office GCHQ, said:
They do not play with the same rules, they operate with very blurred boundaries between criminal and state activity
But does the above statement concern all secret services around the world? Namely NSA, CIA and GCHQ?
Which one does it use fair means of violating computers and hacking into infrastructure systems?
- Suitcase or Stingray: Finish the super cute with the upcoming 5G
- New law Right to repair. What it means;