Nation-state hackers hit Cisco switches
Hackers, some of them backed by a nation-state, have attacked Cisco switches in multiple countries, the tech giant’s cyberthreat intelligence division has revealed. Some of the attacks “are believed to be associated with nation-state actors, such as those described” in a recent Department of Homeland Security report that said Russian government hackers were targeting multiple U.S. industries, Cisco said. The campaign disclosed by Cisco exploits a protocol in a tool called Cisco Smart Install Client that installs switches. The protocol can be abused to conduct a series of actions, including modifying a server setting, to let an attacker execute Cisco networking software commands. Cisco used the scanning tool Shodan to identify more than 168,000 systems that could be vulnerable to this attack. A March 15 DHS report blamed Russian government hackers for a multi-stage hacking campaign against the nuclear, critical manufacturing, and other U.S. sectors. The U.S. effort to call out alleged […]
The post Nation-state hackers hit Cisco switches appeared first on Cyberscoop.