Το Υπουργείο Εσωτερικής Ασφάλειας των ΗΠΑ (DHS), το Ομοσπονδιακό Γραφείο Διερεύνησης (FBI) και το Εθνικό Κέντρο Ασφάλειας διαδικτύου (NCSC) του Ηνωμένου Βασιλείου εξέδωσαν μια προειδοποίηση για hacking attacks by Russians.
These attacks take place on routers and other online devices used in homes, small businesses and large organizations, indicating they are vulnerable to cyber attacks.
The hacking campaign, according to researchers, targets routers and other network devices with man-in-the-middle attacks aimed at cyber espionage, theft intellectual property and maintaining permanent access to victims' networks for use in further attacks.
Η προειδοποίηση από τη NCSC (ανήκει στην μυστική υπηρεσία GCHQ) αναφέρει ότι συστήματα με ενεργοποιημένα τα Generic Routing Encapsulation (GRE), και Cisco Smart Install (SMI), καθώς και συσκευές που χρησιμοποιούν το Simple Network Management Protocol (SNMP) are vulnerable to attacks.
Millions of these devices around the world are reported to have been tampered with, and especially those that used the default passwords.
The warning includes details on how to secure devices that use the services: Telnet, SNMP, TFTP, and SMI while Cisco has published a set of best practices for "hardening its anti-cyber attack devices targeting network infrastructure."
The NCSC warning states:
Network devices are often easy targets. Once installed, many of these network devices do not provide security solutions like computers.
He states that few of these devices have any antivirus or security tools and that "manufacturers are manufacturing and distributing these network devices with unsafe services that allow easy installation, operation and maintenance."
Η report urges manufacturers not to design products that support legacy protocols or unencrypted functions and to design such devices to require users to change default passwords before using them.
U.S. and U.K. authorities have not said why they attribute all of these attacks to the Kremlin, but said they "believe the Russian state is behind this malicious cyber activity targeting vulnerabilities network infrastructure devices.”
The Russian embassy in the United Kingdom rejected the allegations:
We consider these accusations and accusations, impressive examples of a reckless, provocative and unfounded policy against Russia
On the other hand, Jeremy Fleming, director of the UK Information Office GCHQ, said:
They do not play with the same rules, they operate with very blurred boundaries between criminal and state activity
But does the above statement concern all secret services around the world? Namely NSA, CIA and GCHQ?
Which one does it use fair means of violating computers and hacking into infrastructure systems?
- Suitcase or Stingray: Finish the super cute with the upcoming 5G
- New law Right to repair. What it means;
