Western Infrastructure at Risk: US, UK, and Russia Warn of Government Hackers and Cyber Attacks.

TL;DR Summary
APT28, a Russian state-sponsored hacking group, has been deploying a custom malware named 'Jaguar Tooth' on Cisco IOS routers to gain unauthenticated access to the device. The malware is injected directly into the memory of Cisco routers running older firmware versions and exfiltrates information from the router while providing backdoor access. The threat actors exploit the CVE-2017-6742 SNMP vulnerability to install the malware. Cisco recommends upgrading routers to the latest firmware, switching from SNMP to NETCONF/RESTCONF, and configuring allow and deny lists to restrict access to the SNMP interface.
- US, UK warn of govt hackers using custom malware on Cisco routers BleepingComputer
- Russian hackers targeting Western critical infrastructure, UK says Reuters
- Russian hackers want to ‘disrupt or destroy’ UK infrastructure, minister warns The Guardian
- UK’s cyber defence organisation issues warning about Russian hackers targeting Western critical infrastructure Firstpost
- Russian-aligned cyber groups are seeking to target Western infrastructure, U.K. says NBC News
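One way to check a router configuration against the summary's last recommendation (restricting access to the SNMP interface with allow and deny lists) is sketched below. This is an added example, not code from Cisco, the advisory or the original article. The sample configuration is constructed, and the function names `parse_acls` and `audit_snmp` are hypothetical.

```python
import re

# Constructed sample running-config (not taken from any real device or advisory).
SAMPLE_CONFIG = """\
snmp-server community public RO
snmp-server community netops RO 10
snmp-server community backup RW SNMP-OPEN
snmp-server community legacy RO 99
access-list 10 permit 192.0.2.10
access-list 10 deny any
ip access-list standard SNMP-OPEN
 permit any
"""

# snmp-server community <string> [view <name>] [ro|rw] [ipv6 <acl>] [<acl>]
COMMUNITY_RE = re.compile(
    r"^snmp-server community (\S+)(?: view \S+)?(?: (RO|RW))?"
    r"(?: ipv6 \S+)?(?: (\S+))?\s*$", re.IGNORECASE)

def parse_acls(config):
    """Map ACL number/name -> entries, for numbered and named ACLs."""
    acls, current = {}, None
    for line in config.splitlines():
        if m := re.match(r"^access-list (\S+) (.+)$", line):
            acls.setdefault(m.group(1), []).append(m.group(2).strip())
            current = None
        elif m := re.match(r"^ip access-list (?:standard|extended) (\S+)", line):
            current = m.group(1)
            acls.setdefault(current, [])
        elif current and line.startswith(" "):
            acls[current].append(line.strip())  # entry inside a named ACL
        else:
            current = None
    return acls

def audit_snmp(config):
    """Return (line_number, issue) pairs; community strings are never echoed."""
    acls, findings = parse_acls(config), []
    for n, line in enumerate(config.splitlines(), 1):
        if not (m := COMMUNITY_RE.match(line.strip())):
            continue
        acl = m.group(3)
        if acl is None:
            findings.append((n, "no-acl"))           # community with no ACL attached
        elif acl not in acls:
            findings.append((n, "acl-undefined"))    # ACL referenced but not defined here
        elif any(re.match(r"(\d+\s+)?permit\s+any\b", e) for e in acls[acl]):
            findings.append((n, "acl-permits-any"))  # ACL does not restrict sources
    return findings
```

Calling `audit_snmp(SAMPLE_CONFIG)` flags lines 1, 3 and 4 of the sample and leaves the community bound to ACL 10 unflagged.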