Governments to enterprises: Improve your router security hygiene

Actors have exploited, at the very least, CVE-2018-0171 (published in 2018) and CVE-2008-4128 (published in 2008), according to the bulletin. Both of these targeted Cisco routers, giving remote, unauthenticated attackers the ability to execute arbitrary code, take unauthorized actions, or cause a denial of service (DoS).

Notable groups using this method are known to the security community as “Berserk Bear,” “Crouching Yeti,” “Dragonfly,” “Energetic Bear,” “Ghost Blizzard,” and “Static Tundra.” According to the bulletin, the industries most vulnerable to Russian state-sponsored cyber actors include communications, energy, financial services, defense industrial bases, healthcare and public health facilities, and government services and facilities.

A set-and-forget approach, even in 2026

The problem with router hygiene is that devices are susceptible to a “confluence of typical enterprise shortcomings” when it comes to operationalizing security, noted Info-Tech’s Ioussoufovitch.

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *