Cisco Systems Inc has warned that hackers have infected at least 500 000 routers and storage devices in dozens of countries with highly sophisticated malicious software, possibly in preparation for another massive cyber-attack on Ukraine.
Cisco’s Talos cyber intelligence unit said it has high confidence that the Russian government is behind the campaign, dubbed VPNFilter, because the hacking software shares code with malware used in previous cyber-attacks that the US government has attributed to Moscow.
Commenting on the threat, Phil Neray, VP of Industrial Cybersecurity at CyberX, a critical infrastructure and industrial cybersecurity firm based in Boston, said:
"This is a very sophisticated, multi-stage malware that allows attackers to spy on all network traffic and deploy destructive commands to industrial devices in critical infrastructure networks.”
“Russian threat actors have previously used similar tactics in cyberattacks on the Ukrainian electrical grid. While the recent burst of activity also targets the Ukraine, the malware exploits vulnerabilities in devices that are widely used around the world -- which means the same attack infrastructure could easily be used to target critical infrastructure networks in the US, the UK, Germany and any other countries seen as enemies of the attackers."
Read the article online at: https://www.worldpipelines.com/equipment-and-safety/25052018/cyberx-vp-comments-on-russian-cyber-threat/