Russian Hackers Targeting U.S. Infrastructure… Are Your Networks Safe?

Russian state-sponsored hackers are aggressively breaking into critical infrastructure networks across the United States and its allies. According to the FBI, these attacks are led by Center 16 of Russia’s FSB, a group notorious for exploiting outdated and unpatched devices – particularly older Cisco systems that no longer receive updates.

Their latest wave of attacks exploits a weakness in Cisco’s Smart Install feature (CVE-2018-0171). By taking advantage of this flaw, hackers gain control of devices, extract sensitive data, and expand deep into networks for long-term surveillance.


What You Need to Know

  • Russian groups are exploiting outdated Cisco hardware in the private and public sectors.
  • Attacks focus on Smart Install misconfigurations to seize device control.
  • Victims often remain compromised for years, with few signs of intrusion.
  • Stolen credentials and configuration files enable wider network access.
  • Custom malware ensures persistence and evades detection.

The best defense begins with basic but urgent steps.

Organizations are advised to patch or disable Cisco Smart Install after deployment, review patch management processes, and retire unsupported hardware as quickly as possible. Continuous monitoring for unusual configuration changes and network activity is also essential.
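To act on the advice above, the first step is knowing which switches still have Smart Install turned on. The following is an added example, not taken from the FBI alert or from Cisco: it classifies saved output of the IOS commands `show vstack config` and `show tcp brief all` (Smart Install listens on TCP 4786). The host names and captures are constructed, and the output formats are assumed to match common IOS releases.

```python
import re

# Constructed sample captures, keyed by hypothetical host name. Formats are
# assumed to follow common IOS / IOS XE output and can differ between releases.
SAMPLES = {
    "sw-access-01": " Role: Client (SmartInstall enabled)\n"
                    " Vstack Director IP address: 0.0.0.0\n",
    "sw-access-02": " Role: Client (SmartInstall disabled)\n"
                    " Vstack Director IP address: 0.0.0.0\n",
    "sw-dist-01":   " Capability: Client\n Oper Mode: Enabled\n Role: Client\n",
    "sw-core-01":   "TCB       Local Address   Foreign Address   (state)\n"
                    "05FD9F98  0.0.0.0.4786    *.*               LISTEN\n",
    "rtr-edge-01":  "% Invalid input detected at '^' marker.\n",
}

ENABLED = re.compile(r"SmartInstall enabled|Oper Mode:\s*Enabled", re.I)
DISABLED = re.compile(r"SmartInstall disabled|Oper Mode:\s*Disabled", re.I)
# A listening socket on TCP 4786 in 'show tcp brief all' output.
LISTEN_4786 = re.compile(r"^\S+\s+\S+\.4786\s+\S+\s+LISTEN", re.M)


def smart_install_status(capture: str) -> str:
    """Classify one device from its saved command output."""
    # A listening port outranks any 'disabled' text in the same capture.
    if LISTEN_4786.search(capture) or ENABLED.search(capture):
        return "enabled"
    if DISABLED.search(capture):
        return "disabled"
    # Command not supported or capture incomplete: review this device by hand.
    return "unknown"


def audit(captures: dict) -> dict:
    """Group host names by Smart Install status."""
    findings = {"enabled": [], "disabled": [], "unknown": []}
    for host, text in sorted(captures.items()):
        findings[smart_install_status(text)].append(host)
    return findings


if __name__ == "__main__":
    for status, hosts in audit(SAMPLES).items():
        print(f"{status:9}: {', '.join(hosts) or '-'}")
```

Devices reported as enabled are the ones to patch or to disable the feature on (`no vstack` in global configuration); devices reported as unknown need a manual check before they are counted as safe.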

We’ll continue to keep you informed about emerging Voice and IT news. Meanwhile, schedule some time with our local experts to discuss your business communications and technology challenges.

Contact CTS today at 800.787.4848 or jnolte@ctsmd.us.
