Russian Hackers Are Using Wi-Fi Routers To Hack Into Homes And Government Offices
Cyber attacks carried out by Russian hackers seem like news that started floating around decades ago. Time and again, the US government has warned its people about the danger that Russian hackers pose. Now, a new security alert has identified that hackers are using large numbers of routers, switches, and other network devices that are well past their last security update to compromise US homes, government offices, businesses, and critical infrastructure providers.
According to the US Department of Homeland Security, the FBI, and the UK’s National Cyber Security Center, Russian hackers can extract a lot of sensitive information, such as passwords and intellectual property, by gaining access to network devices around an office or a home. With advancements in technology and the widespread use of smart home products, it is hard to imagine any home or workplace without network devices like smart switches or WiFi routers. The problem is even more severe in a country like the US, where the internet is so readily available and smart home products are cheaper and easy to use.
The technical alert has highlighted the severity of this situation and the timeline of the information the security personnel received.
Since 2015, the US government received information from multiple sources—including private- and public-sector cybersecurity research organizations and allies—that cyber actors are exploiting large numbers of enterprise-class and SOHO/residential routers and switches worldwide.
In a detailed account of Russian hackers misusing poorly secured network devices in government offices and other sensitive places, the alert notice laid out the different stages of the hacking process.
- Reconnaissance is the first stage, in which hackers identify poorly secured network ports, such as those used by network management protocols
- The second stage is the weaponisation and delivery of traffic to the identified devices, which causes those devices to send the hackers configuration files that contain cryptographically stored passwords and other sensitive data
- The third stage is exploitation, in which attackers use this data to gain access to the compromised devices
- The final stage is command and control, wherein the hackers use the newly gained access to pose as previous or trusted users to establish a connection
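A defender's view of the first two stages, as an added example that is not part of the original article or the alert: it scans flow records for a device that is contacted on a management port from outside the network and then sends a file transfer to an outside host shortly afterwards. The port-to-service mapping, the 10.0.0.0/8 internal range, the record format and the 10-minute window are assumptions, and the sample records are constructed.

```python
from datetime import datetime, timedelta
from ipaddress import ip_address, ip_network

# Assumptions (the article names no ports or address ranges):
INTERNAL = ip_network("10.0.0.0/8")                        # site address space
MGMT_PORTS = {("udp", 161): "snmp", ("tcp", 23): "telnet"}  # management services
TRANSFER_PORTS = {("udp", 69): "tftp"}                      # can carry config files
WINDOW = timedelta(minutes=10)

# Constructed flow records: time, source, destination, protocol, dest port.
SAMPLE_FLOWS = """\
2018-04-16T09:00:05 198.51.100.7 10.0.0.1 udp 161
2018-04-16T09:00:40 10.0.0.1 198.51.100.7 udp 69
2018-04-16T09:05:00 10.0.0.50 10.0.0.1 udp 161
2018-04-16T09:06:00 203.0.113.9 10.0.0.2 tcp 23
2018-04-16T11:30:00 10.0.0.2 203.0.113.9 udp 69
"""

def is_internal(addr):
    return ip_address(addr) in INTERNAL

def parse(text):
    for line in text.splitlines():
        ts, src, dst, proto, port = line.split()
        yield datetime.fromisoformat(ts), src, dst, (proto, int(port))

def find_config_leaks(text, window=WINDOW):
    """Flag devices contacted on a management port from outside that then
    send a file transfer to an outside host within `window`."""
    probed = {}   # device -> (time, external source, service)
    alerts = []
    for ts, src, dst, key in sorted(parse(text)):
        if key in MGMT_PORTS and not is_internal(src) and is_internal(dst):
            probed[dst] = (ts, src, MGMT_PORTS[key])
        elif key in TRANSFER_PORTS and is_internal(src) and not is_internal(dst):
            hit = probed.get(src)
            if hit and ts - hit[0] <= window:
                alerts.append({"device": src, "probe_from": hit[1],
                               "service": hit[2], "sent_to": dst,
                               "delay_s": int((ts - hit[0]).total_seconds())})
    return alerts

if __name__ == "__main__":
    for alert in find_config_leaks(SAMPLE_FLOWS):
        print(alert)
```

Internal management traffic (the third record) and a transfer that falls outside the window (the last record) are not flagged.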
Cisco, a multi-million dollar tech conglomerate, has already identified that its install client was recently compromised. Cisco manufactures a lot of network devices that are used by many US citizens.
The access gained by Russian hackers is mainly down to old network devices like routers and switches. These devices run on old firmware and are not updated to the latest security protocols, which allows hackers to gain remote access to the network without even installing any sort of malware. With this security alert now made available to all government officials, it remains to be seen what workplaces will do to curb the situation and make themselves less vulnerable to cyber attacks from Russian hackers. Until then, to protect yourself from such threats, make sure to use adequate security measures like strong passwords and update your hardware firmware in a timely manner.