The FBI and tech giant Cisco are sounding the alarm over Russia-linked hackers targeting critical U.S. infrastructure.
Authorities say the attacks exploit a vulnerability in Cisco networking equipment, putting thousands of devices at risk.
“In the past year, the FBI detected the actors collecting configuration files for thousands of networking devices associated with US entities across critical infrastructure sectors,” the bureau said in a warning released Wednesday.
The hackers have been linked to Russia’s Federal Security Service, known as FSB, Center 16.
U.S. officials say the group, also tracked under the names Berserk Bear and Dragonfly, has spent over a decade penetrating networks using unencrypted protocols in industrial systems.
Cisco researchers identified the group as Static Tundra, per Cyber Security Drive.
They claim the hackers are focused on telecommunications, education, and manufacturing organizations globally. Most victims are located in Ukraine and allied countries, reflecting the Kremlin’s strategic priorities.
“These actors exploit a vulnerability in Cisco’s IOS software, tracked as CVE-2018-0171,” the FBI said. “The bug allows them to execute arbitrary code on unpatched and end-of-life network switches made by Cisco and Rockwell Automation.”
In some cases, the hackers reportedly modified configuration files to gain deeper access to devices and conduct