A Russian state-sponsored cyber espionage group has been targeting Cisco devices to gather intelligence useful to the Russian government, according to the threat intelligence research team Cisco Talos.
The group, known as Static Tundra, has been operating for more than a decade and is linked to Russia’s Federal Security Service (FSB).
Cisco Talos researchers note that Static Tundra hackers utilize a seven-year-old vulnerability in Cisco IOS software’s Smart Install feature. The hackers specifically target unpatched and end-of-life Cisco network devices at organizations in the telecommunications, higher education and manufacturing sectors across North America, Asia, Africa and Europe.
The researchers note the victims are picked “based on their strategic interest to the Russian government.”
“Since at least 2021, Static Tundra has been observed aggressively exploiting CVE-2018-0171, a known and patched vulnerability in Cisco IOS software and Cisco IOS XE software that could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition, or to execute arbitrary code on an affected device…
We assess that Static Tundra’s two primary operational objectives are 1) compromising network devices to gather sensitive device configuration information that can be leveraged to support future operations, and 2) establishing persistent access to network environments to support long-term espionage in alignment with Russian strategic interests.”
Follow us on X, Facebook and TelegramDon't Miss a Beat – Subscribe to get email alerts delivered directly to your inbox
Check Price Action
Surf The Daily Hodl Mix
Disclaimer: Opinions expressed at The Daily Hodl are not investment advice. Investors should do their due diligence before making any high-risk investments in Bitcoin, cryptocurrency or digital assets. Please be advised that your transfers and trades are at your own risk, and any losses you may incur are your responsibility. The Daily Hodl does not recommend the buying or selling of any cryptocurrencies or digital assets, nor is The Daily Hodl an investment advisor. Please note that The Daily Hodl participates in affiliate marketing.
Featured Image: Shutterstock/ValDan22
