Nearly 200 Cisco routers are infected with malware that lets hackers hijack the devices.
A major cyber attack on Cisco routers is worse than previously thought, according to a report Monday by the research group on security Shadowserver Foundation.
Hackers have installed a type of malware called bad Flame SYNfull almost 200 Cisco routers used by companies around the world, the report said. The malware is dangerous since it allows attackers to hijack the devices used to direct traffic to the Internet and steal corporate data.
Previously, the security company FireEye Feye -4.87% reported that only 14% 0.56 CSCO Cisco routers companies in India, the Philippines, Mexico and Ukraine have been infected by malware. Report Monday Shadowserver Foundation, however, shows that the router is now involved in 31 countries, with 65 of the devices located in the United States.
Based on the report, it seems that the United States is an important goal of all those responsible for the hack. India ranks second after the United States 12 router manipulated followed by Russia, which has 11. The report does not say which companies were affected. There have been reports of business information to be stolen because of vulnerability.
Shadowserver partnership with Cisco to address malware attack, according to a blog written by Omar Santos, chief engineer of the incident response team of security products Cisco. Cisco and Shadowserver are scanning the Internet to determine the severity of infections router, said Santos. "We believe that this activity supports Cisco's efforts are already underway to identify and alert customers of potential exposures," wrote Santos.
Knock SYNfull malware is said to influence the old Cisco router models that are no longer sold. Cisco has recently published an online information to help users whose computers are infected with the virus. Last week, a spokesperson for Cisco told Reuters that Cisco has achieved customers and telling them how to "harden their network, and prevent, detect and correct this type of attack."
At that time the FireEye CEO Dave DeWalt told Reuters that the attack was so sophisticated malware only "a handful of players in the nation-state" could not pull off.DeWalt say which countries are suspected to be responsible for the attack.
Hackers have installed a type of malware called bad Flame SYNfull almost 200 Cisco routers used by companies around the world, the report said. The malware is dangerous since it allows attackers to hijack the devices used to direct traffic to the Internet and steal corporate data.
Previously, the security company FireEye Feye -4.87% reported that only 14% 0.56 CSCO Cisco routers companies in India, the Philippines, Mexico and Ukraine have been infected by malware. Report Monday Shadowserver Foundation, however, shows that the router is now involved in 31 countries, with 65 of the devices located in the United States.
Based on the report, it seems that the United States is an important goal of all those responsible for the hack. India ranks second after the United States 12 router manipulated followed by Russia, which has 11. The report does not say which companies were affected. There have been reports of business information to be stolen because of vulnerability.
Shadowserver partnership with Cisco to address malware attack, according to a blog written by Omar Santos, chief engineer of the incident response team of security products Cisco. Cisco and Shadowserver are scanning the Internet to determine the severity of infections router, said Santos. "We believe that this activity supports Cisco's efforts are already underway to identify and alert customers of potential exposures," wrote Santos.
Knock SYNfull malware is said to influence the old Cisco router models that are no longer sold. Cisco has recently published an online information to help users whose computers are infected with the virus. Last week, a spokesperson for Cisco told Reuters that Cisco has achieved customers and telling them how to "harden their network, and prevent, detect and correct this type of attack."
At that time the FireEye CEO Dave DeWalt told Reuters that the attack was so sophisticated malware only "a handful of players in the nation-state" could not pull off.DeWalt say which countries are suspected to be responsible for the attack.
0 comments:
Post a Comment
Note: only a member of this blog may post a comment.