Government blames Russia-backed hackers for 2017 attacks on networking gear
- 17 April, 2018 08:54
The Australian government has blamed Russian state-sponsored hackers for a spate of attacks last year targeting Cisco networking gear.
The federal government issued a statement supporting claims by the US and UK governments that the attacks could be attributed to “Russian state-sponsored actors”.
“While a significant number of Australian organisations have been affected by this activity, there is no indication Australian information has been successfully compromised,” said a statement released by the minister for law enforcement and cyber security, Angus Taylor.
“The Australian Cyber Security Centre has engaged relevant Australian organisations, including through their internet service providers, to provide mitigation advice.”
In February Canberra joined the US and British governments in blaming Russia for last year’s NotPetya ransomware wave.
The ACSC in August warned businesses to lock down their networking gear after a number of organisations were targeted by attackers seeking to access the configuration files of Internet-facing routers in the hope of obtaining device admin credentials.
The centre said that organisations with Cisco network switches with the company’s Smart Install feature accessible from the Internet, and routers and switches that have SNMP accessible from external networks are vulnerable.
“Since 2015, the US and UK Governments have received information from multiple sources — including private and public sector cybersecurity research organisations and allies — that cyber actors are exploiting large numbers of enterprise-class and SOHO/residential routers and switches worldwide,” states a new advisory issued by the UK National Cyber Security Centre.
“The US and UK Governments assess that cyber actors supported by the Russian government carried out this worldwide campaign. These operations enable espionage and intellectual property that supports the Russian Federation’s national security and economic goals.”
“Commercially available routers were used as a point of entry, demonstrating that every connected device is vulnerable to malicious activity,” Taylor said today.
“This attempt by Russia is a sharp reminder that Australian businesses and individuals are constantly targeted by malicious state and non-state actors, and we must maintain rigorous cyber security practices.”