The FBI, U.S. Department of Homeland Security and U.K. National Cyber Security Centre issued a joint technical alert on alleged Russian state-sponsored cyberattacks targeting international network infrastructure devices April 16.
The three agencies collaborated to assess reports that cyberattackers supported by the Russian government have targeted various network infrastructure devices worldwide since 2015.
They determined targets tend to include routers and switches at government organizations, private-sector corporations and critical infrastructure providers. Other systems affected include generic routing encapsulation-enabled devices, Cisco smart install-enabled devices and simple network management protocol-enabled network devices.
"FBI has high confidence that Russian state-sponsored cyber actors are using compromised routers to conduct man-in-the-middle attacks to support espionage, extract intellectual property, maintain persistent access to victim networks and potentially lay a foundation for future offensive operations," the alert reads.
The purpose of the alert is to inform network device vendors, internet service providers, public-sector organizations, private-sector corporations and small office home office customers about the alleged Russian government campaign.
The alert also contains technical details on the techniques used by the cyberattackers and provides information on how to identify malicious activity.
To access the technical alert, click here.