State Sponsored Cyber Attack Identified – 500,000 Routers and Storage Devices

By ISBuzz Team
Writer, Information Security Buzz | May 25, 2018 04:20 am PST

Earlier today, Cisco Talos identified an advanced state-sponsored network of at least 500,000 infected home office/small office routers and storage devices preparing for a destructive global attack. According to reports, this is one of the largest networks of coordinated infected devices ever seen. It shares commonalities with attacks that the US Government has attributed to Russian entities, and Ukraine is one of the most heavily infected countries. Natan Bandler, CEO and Co-founder at Cy-oT, commented below.

Natan Bandler, CEO and Co-founder at Cy-oT:

“You cannot be 100% certain that you are patched and secure all the time, and it definitely can’t happen when you’re talking about operational systems, infrastructure or devices like routers. Such infrastructure can be infected and can be hacked – even more so when talking about nation state level attacks.

“Yes, we should expect governments to protect other governments or to protect organisations, but unfortunately there is no single international cyber defence entity that does that. Hopefully we can expect this at some point, and there is currently collaboration between different law enforcement agencies about cybersecurity, but it’s not at a level where the internet police of the world will detect or stop such attacks.

“So, it’s the responsibility of organisations and other governments to protect themselves. Just trusting the equipment, be it network equipment or the routers themselves, to be protected is not enough. We’re talking about devices, networks or infrastructures, the role of which is first and foremost to be able to transfer traffic from point to point. They are operational. We’re not talking about security equipment or security solutions.

“Organisations should be protected by a security solution that is monitoring whatever their equipment is doing, whatever their devices are doing and whatever their networks are doing. And whenever there is a breach, such a solution should be able to detect it and to stop it.

“Security should be separate from operation and we cannot trust devices whether they are attacked by a government or just by a school kid using an exploit they discovered.”