Nation-state hackers hit Cisco switches

Hackers, some of them backed by a nation-state, have attacked Cisco switches in multiple countries, the tech giant’s cyberthreat intelligence division has revealed. Some of the attacks “are believed to be associated with nation-state actors, such as those described” in a recent Department of Homeland Security report that said Russian government hackers were targeting multiple U.S. industries, Cisco said. The campaign disclosed by Cisco exploits a protocol in a tool called Cisco Smart Install Client that installs switches. The protocol can be abused to conduct a series of actions, including modifying a server setting, to let an attacker execute Cisco networking software commands. Cisco used the scanning tool Shodan to identify more than 168,000 systems that could be vulnerable to this attack. A March 15 DHS report blamed Russian government hackers for a multi-stage hacking campaign against the nuclear, critical manufacturing, and other U.S. sectors. The U.S. effort to call out alleged […]

The post Nation-state hackers hit Cisco switches appeared first on Cyberscoop.

Continue reading Nation-state hackers hit Cisco switches

U.S. indicts hackers over terabytes worth of intellectual property theft

The Trump administration has announced indictments and sanctions against multiple hackers who acted as contractors for a secretive branch of Iran’s armed forces. On Friday, the Justice Department unsealed charges against nine Iranian nationals for hacking into the networks of multiple U.S. universities, municipal governments and other American businesses. The hackers sought to steal research and leverage the high bandwidth networks for future operations. A senior U.S. official who spoke on condition of anonymity explained the White House believes the punishment will be more damaging than similar indictments against other nation-states that have attacked U.S. companies, like Russia or China. This is because many of those named are private citizens that currently enjoy the ability to travel internationally and some even own assets abroad. Government officials do not expect the same from those indicted in previous instances. “These nine Iranian nationals allegedly stole more than 31 terabytes of documents and […]

The post U.S. indicts hackers over terabytes worth of intellectual property theft appeared first on Cyberscoop.

Continue reading U.S. indicts hackers over terabytes worth of intellectual property theft

Dyn DDoS Work of Script Kiddies, Not Politically Motivated Hackers

Researchers at Flashpoint said Friday’s DDoS attack against DNS provider Dyn was likely the work of script kiddies and not advanced attackers. Continue reading Dyn DDoS Work of Script Kiddies, Not Politically Motivated Hackers