Skip to main content
close search
site logo
Dive Brief

Attacks on Cisco routers more prevalent than first believed

Published Sept. 22, 2015
By
Contributing Editor

Dive Brief:

  • Last Monday, Mandiant said it had found 14 Cisco routers in four countries infected with rogue firmware, CIO reports.
  • But after a closer look, the Shadowserver Foundation found the malicious firmware installed on nearly 200 routers used by businesses from over 30 countries – many more than was originally reported.
  • The firmware provides attackers with backdoor access and the ability to install custom malware modules.

Dive Insight:

Since the find by Mandiant last week, the Shadowserver Foundation has been running a scan with Cisco's help to identify more potentially compromised devices. A total of 199 devices in 31 countries have now been found that show signs of compromise.

Attackers can control these compromised routers that sniff and modify network traffic, redirect users, and launch a variety of other attacks against local network devices.

"It is important to stress the severity of this malicious activity," the Shadowserver Foundation said. "Compromised routers should be identified and remediated as a top priority."

Cisco had issued an advisory about the issue in August, CIO reports. The affected models are no longer sold by the company. Those affected should replace Cisco firmware on integrated services routers.

Recommended Reading

Editors' picks

Company Announcements

View all | Post a press release
Graphiant Predicts Transformative Changes in Enterprise Connectivity and Data Assurance for 20…
From Graphiant
November 20, 2024
PointFive is Apparently the Hottest Cloud Startup, Here is Why
From Jordan Mitchell
November 21, 2024
Unanet Acquires GovPro AI to Enable Customers to Win More Business
From Unanet
November 22, 2024
New Research Reveals AI's Impact on IT's Power, Status, and Pay
From 1E
November 21, 2024
Editors' picks
Latest in Security
Industry Dive is an Informa TechTarget business.
© 2024 TechTarget, Inc. or its subsidiaries. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell
This website is owned and operated by Informa TechTarget, part of a global network that informs, influences and connects the world's technology buyers and sellers. All copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. TechTarget, Inc.'s registered office is 275 Grove St. Newton, MA 02466.