Russian Hackers Targeting US Critical Infrastructure: FBI Warns | World News

The FBI has warned that hackers linked to Russia have been targeting thousands of networking devices connected to critical infrastructure IT systems since last year by exploiting a flaw in outdated Cisco software.

Russia’s FSB Involved

According to a threat advisory published on the Cisco Talos blog by researchers Sarah McBroom and Brandon White, the hacking group exploiting the flaw, known as Static Tundra, is a Russian government-sponsored cyber espionage unit linked to the FSB’s Center 16, which has been active for more than a decade and specializes in hacking network devices to gather persistent intelligence.

Hackers Exploiting 7 Old Vulnerability

According to the advisory, hackers are exploiting a seven-year-old vulnerability in Cisco IOS software and targeting unpatched and end-of-life network devices.

“The group actively exploits a seven-year-old vulnerability (CVE-2018-0171), which was patched at the time of the vulnerability publication, in Cisco IOS software’s Smart Install feature, targeting unpatched and end-of-life network devices to steal configuration data and establish persistent access,” it said. 

The advisory warns that other state-backed cyber groups are also conducting similar attacks on network devices, underscoring the urgent need for widespread patching and security enhancements across all organizations.

“The threat extends beyond Russia’s operations — other state-sponsored actors are likely conducting similar network device compromise campaigns, making comprehensive patching and security hardening critical for all organizations. Threat actors will continue to abuse devices which remain unpatched and have Smart Install enabled,” the advisory read. 

Hackers Target

The advisory says the main targets are organizations in the telecommunications, higher education and manufacturing sectors in North America, Asia, Africa and Europe, chosen due to their strategic importance to the Russian government.

“Primary targets include organizations in telecommunications, higher education and manufacturing sectors across North America, Asia, Africa and Europe, with victims selected based on their strategic interest to the Russian government,” the advisory added. 

In March 2022, the US Department of Justice filed charges against four Russian nationals for their involvement in illegally targeting the global energy sector from 2012 to 2018.

ALSO READ: North Korea’s Secret Missile Base Revealed: US Report Claims Nuclear Capable Facility Near China Border