Russia accused of hijacking routers around the world
Looks like it’s time to change the default password on your router, especially if you operate a home office. According to information supplied by the Department of Homeland Security (DHS), the Federal Bureau of Investigation (FBI), and the British National Cyber Security Centre (NCSC), government-backed Russian hackers have been busy over a considerable period of time infiltrating vulnerable network devices for a number of reasons. The alert published by CERT states the Kremlin-backed clandestine operatives are carrying out the attacks for the following purposes:
[...] to support espionage, extract intellectual property, maintain persistent access to victim networks, and potentially lay a foundation for future offensive operations.
According to the alert, systems that have been affected include Generic Routing Encapsulation (GRE) enabled devices, Cisco Smart Install (SMI) enabled devices, and Simple Network Management Protocol (SNMP) enabled network devices. The report then offers technical solutions for those who are concerned about being hacked by Russian agents, beyond switching the device off and on again.
Russia has been accused of utilizing aspects of cyberwarfare on numerous occasions, such as during the 2016 United States elections, the 2016 UK referendum on exiting the EU (“Brexit”), and being behind the 2017 French President e-mail leaks.