Tags: cisco | router | cyber attack | hack

Cisco Router Attacks Duck Cyber Defenses, Hit 4 Countries

Cisco Router Attacks Duck Cyber Defenses, Hit 4 Countries
(Dollar Photo Club)

Tuesday, 15 September 2015 07:49 AM EDT

Security researchers say they have uncovered previously unknown attacks on routers which direct traffic around the Internet, allowing hackers to harvest vast amounts of data while going undetected by existing cybersecurity defenses.

The attacks replace the operating system used in network equipment from Cisco, the world's biggest maker of routers, the computer forensic arm of U.S. security research firm FireEye, Mandiant, said on Tuesday.

So far, Mandiant has found 14 instances of router implants in India, Mexico, Philippines and Ukraine, the company said in a blog post (http://bit.ly/1ObMm7u).

Separately, Cisco confirmed that it had alerted customers to these attacks on Cisco operating system software platforms.

The company said that it had worked with Mandiant to develop ways for customers detect the attack, which if found, will require them to re-image the software used to control their routers.

"If you own (seize control of) the router, you own the data of all the companies and government organizations that sit behind that router," FireEye Chief Executive Dave DeWalt said of his company's discovery.

Routers operate outside the perimeter of firewalls, anti-virus and other security tools which organizations around the world use to safeguard data traffic.

Effectively, the $80 billion which technology market research firm IDC estimates is spent annually on cybersecurity tools offer no protection against this form of attack, according to FireEye.

The malicious program has been dubbed "SYNful", a reference to how the implanted software can jump from router to router using their syndication functions.

Computer logs from infected routers suggest the attacks have been taking place for at least a year, FireEye's DeWalt said.

Cisco said SYNful did not take advantage of any vulnerability in its own software. Instead it stole valid network administration credentials from organizations targeted in the attacks or by gaining physical access to their routers.

The affected routers have been used to hit multiple industries and government agencies, DeWalt said.

The implanted software, which duplicates normal router functions, could also potentially affect routers from other makers, he said.

© 2024 Thomson/Reuters. All rights reserved.


Companies
Security researchers say they have uncovered previously unknown attacks on routers which direct traffic around the Internet, allowing hackers to harvest vast amounts of data while going undetected by existing cybersecurity defences. The attacks replace the operating system...
cisco, router, cyber attack, hack
333
2015-49-15
Tuesday, 15 September 2015 07:49 AM
Newsmax Media, Inc.

Sign up for Newsmax’s Daily Newsletter

Receive breaking news and original analysis - sent right to your inbox.

(Optional for Local News)
Privacy: We never share your email address.
Join the Newsmax Community
Read and Post Comments
Please review Community Guidelines before posting a comment.
 
Get Newsmax Text Alerts
TOP

Newsmax, Moneynews, Newsmax Health, and Independent. American. are registered trademarks of Newsmax Media, Inc. Newsmax TV, and Newsmax World are trademarks of Newsmax Media, Inc.

NEWSMAX.COM
MONEYNEWS.COM
© Newsmax Media, Inc.
All Rights Reserved
NEWSMAX.COM
MONEYNEWS.COM
© Newsmax Media, Inc.
All Rights Reserved