Russian State-Linked Hackers Breach US Critical Infrastructure in Cyber Operation


Hackers associated with Russia’s cyber espionage units have been exploiting a vulnerability in outdated Cisco software, targeting thousands of networking devices critical to global infrastructure. The breach, which has been under way over the last year, was revealed by both the FBI and Cisco on August 20, according to a report by Reuters.

The hackers, believed to be part of the Russian Federal Security Service (FSB) Center 16, have been systematically extracting configuration files from various devices. According to Cisco Talos researchers Sara McBroom and Brandon White, the leaked information can later be used strategically, aligning with Russia’s ongoing national interests.

Cisco’s research unit emphasized that the stolen data, often modified for long-term access, could also serve reconnaissance purposes, particularly in areas critical to national security such as industrial control systems.

In a separate advisory, the FBI confirmed it had detected the hackers collecting configuration files from “thousands of networking devices associated with US entities across critical infrastructure sectors.” The agency noted that, in some instances, the hackers gained prolonged access to these networks, allowing them to gather intelligence with a focus on industrial control systems, a key area of concern for national security, Reuters claimed.

The Russian government has consistently denied engaging in cyber espionage operations. The Russian embassy in Washington, D.C., did not immediately respond to a request for comment from Reuters.

The hackers exploited a vulnerability in Cisco’s IOS software, a flaw that’s reportedly been present for over seven years. They specifically targeted unpatched and outdated devices, leaving many exposed to further breaches.

Cisco Talos researchers also noted that this type of attack is not exclusive to the FSB, with other state-backed hackers likely conducting similar operations aimed at compromising these devices.

The hackers’ focus has predominantly been on sectors such as telecommunications, higher education, and manufacturing, across North America, Europe, Asia, and Africa. Cisco’s researchers indicated that these entities were deliberately chosen based on their strategic importance to the Russian government.

The cyber espionage group responsible for the attacks has previously been charged by the US Department of Justice for targeting the global energy sector between 2012 and 2018, highlighting the scale and depth of its operations.

Previously, it was reported that a Russian state-linked hacking group had been conducting a sweeping cyberespionage operation targeting foreign embassies and diplomats in Moscow, according to a report from Microsoft’s Threat Intelligence team.
