Follow
US-CERT: Alert (TA18-106A)
Russian State-Sponsored Cyber Actors Targeting Network Infrastructure Devices
@JWilliams it's also the reason I'm in the process of swapping D-Link switches out for Ubiquiti equipment. Nothing is perfect, but I'll take actively supported and updated equipment over the "buy and forget" stuff from most vendors any day.
@JWilliams thank you!
"Legitimate user masquerade is the primary method by which these cyber actors exploit targeted network devices. In some cases, the actors use brute-force attacks to obtain Telnet and SSH login credentials. However, for the most part, cyber actors are able to easily obtain legitimate credentials, which they then use to access routers"
@JWilliams this point:
"ISPs do not replace equipment on a customer’s property when that equipment is no longer supported by the manufacturer or vendor."
...was a big reason why I went from using a Linux-based Actiontec FIOS router that hadn't seen any available updates in years to using OpenBSD-based firewalls and routers at the network border.
#CoSoSec