A recent joint statement from the United States Department of Homeland Security, Federal Bureau of Investigation, and the United Kingdom’s National Cyber Security Centre highlighted the potential threat posed by the targeting of routers and other network infrastructure by Russian state-sponsored hackers. These attacks are believed to be pursuing government, private-sector, ISPs and infrastructure providers, according to Tech Republic.
Routers are particularly targeted due to their high involvement in normal network operations, their potential use for man-in-the-middle attacks, and their potential security weaknesses – in many cases, due to the variety of router models number of devices, security updates are not regularly performed.
The report recommends minimizing risk to your organization by blocking Telnet use, as well as SNMPv1 and v2c, and ensuring passwords are not duplicated or left at device defaults.
Source:
