Apr 23 2018

Russian State-Sponsored Cyber Actors Targeting Network Infrastructure Devices

Recently, the FBI, DHS, the United Kingdom’s National Cyber Security Centre released a joint Technical Alert describing worldwide cyber attacks from Russian state-sponsored cyber actors. In this alert, the United States Computer Emergency Readiness Team (“US-CERT”) announced that the Russian government sponsored cyber attacks that enabled intellectual property theft and espionage. According to the alert, Russian cyber actors can obtain this access to information by finding vulnerabilities on devices/networks such as:

  • Devices with legacy unencrypted protocols or authenticated services,
  • Devices insufficiently hardened before installation
  • Devices no longer supported with security patches by manufacturers or vendors (end-of-life devices)
  • Networks without constant anti-virus and security checks
  • Networks designed to be easily installed and without general security measures
  • Networks that do not perform regular updates

Through these vulnerabilities in networks and devices, cyber actors potentially could:

  • Map internal networks
  • Steal login credentials
  • Redirect traffic of networks
  • Masquerade as privileged users

In using these tactics, malicious cyber actors could steal intellectual property and compromise critical infrastructure. Similarly, this means that your home, office, gym, school, or any other organization’s network could be vulnerable to a cyberattack.

While it’s unlikely that nation-state actors will target your private devices,, it’s prudent to highlight what you can do to ensure your network and devices are secure, and your information safe. Below are some measures you can take to safeguard your network.

  1. Make sure your firewall is active on routers, access points, computers, or any devices with firewall capabilities.
  2. Check all network devices for latest firmware, and then update if available
  3. Avoid using the same password for multiple devices and networks
  4. Avoid passwords that are easily guessable (e.g. “password123″)
  5. Ensure all computers AV are up to date

Following these steps is key to preventing unfriendly third parties from accessing the information flowing through your network. With the ever growing sophistication and amount of cyberattacks around the globe, keeping your networks and devices protected is necessary to the safety of your digital info.

If you have any questions about this alert could impact your business or personal life, feel free to send us a message at contact@layer8security.com.