{"id":5408,"date":"2018-04-07T07:30:06","date_gmt":"2018-04-07T05:30:06","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=5408"},"modified":"2024-10-01T15:10:24","modified_gmt":"2024-10-01T13:10:24","slug":"cisco-warns-against-state-hacker-attacks-on-networks","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2018\/04\/07\/cisco-warns-against-state-hacker-attacks-on-networks\/","title":{"rendered":"Cisco warns against state hacker attacks on networks"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline\" src=\"https:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2015\/01\/Schutz.jpg\" width=\"40\" align=\"left\" height=\"47\">[<a href=\"https:\/\/www.borncity.com\/blog\/2018\/04\/07\/cisco-warnt-vor-staatlichen-hackerangriffen-auf-netzwerke\/\" target=\"_blank\" rel=\"noopener\">German<\/a>]The vendor of switches and other network components warns its customers against attacks by government hackers on critical infrastructure. Vulnerabilities in Cisco products can be a gateway for such attacks.<\/p>\n<p><!--more--><\/p>\n<p>Yesterday I reported in the article <a href=\"https:\/\/web.archive.org\/web\/20240103210018\/https:\/\/borncity.com\/win\/2018\/04\/06\/critical-vulnerability-in-cisco-switches\/\">Critical vulnerability in Cisco switches<\/a> about a security hole in Cisco products. The company has provided updates to close the vulnerabilities. Cisco prompts Smart Install client users to patch and securely configure the software. <\/p>\n<p>Security researchers from Cisco's Talos Intelligence Group reports that attackers exploit vulnerabilities in Cisco's Smart Install Client to gain access to providers of critical infrastructure. <\/p>\n<p>The security researchers state that the attacks are carried out by national hackers. They refer to the latest US CERT warnings. This addresses suspected attacks <a href=\"https:\/\/www.us-cert.gov\/ncas\/alerts\/TA18-074A\" target=\"_blank\" rel=\"noopener\">by the Russian government<\/a> on U.S. agencies and organizations in the fields of energy, nuclear power, commercial facilities, water, aviation and critical production areas in detail. Symantec calls this hacker group <a href=\"https:\/\/www.zdnet.com\/article\/hackers-are-attacking-power-companies-stealing-critical-data-heres-how-they-are-doing-it\/\" target=\"_blank\" rel=\"noopener\">Dragonfly<\/a>.<\/p>\n<p>Security researchers from the security company Embedi found out that millions of Cisco network devices are vulnerable to an open TCP 4786 port. Cisco itself has also noticed a huge increase in traffic to the TCP 4786 port, which began in November 2017 and peaked in April 2018. <\/p>\n<p><img decoding=\"async\" title=\"Traffic zu CISCO Smart Install Clients\" alt=\"Traffic zu CISCO Smart Install Clients\" src=\"https:\/\/www.bleepstatic.com\/images\/news\/u\/986406\/Charts\/Cisco-attack-traffic.png\"><br \/>(Traffic on CISCO Smart Install Clients, Source: Bleeping Computer) <\/p>\n<p>The security warning concerns a Cisco Security Advisory issued in February 2017. Following the publication of the Advisory, an increase in Internet scans for Smart Install instances was observed. The aim is probably CISCO devices that have been set up without adequate security controls. Further details can be <a href=\"https:\/\/www.zdnet.com\/article\/ciscos-warning-watch-out-for-government-hackers-targeting-your-network\/\" target=\"_blank\" rel=\"noopener\">at ZDNet.com<\/a> or at <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/cyber-attacks-on-us-critical-infrastructure-linked-to-cisco-switch-flaw\/\" target=\"_blank\" rel=\"noopener\">Bleeping Computer<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>[German]The vendor of switches and other network components warns its customers against attacks by government hackers on critical infrastructure. Vulnerabilities in Cisco products can be a gateway for such attacks.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[580],"tags":[1354,69],"class_list":["post-5408","post","type-post","status-publish","format-standard","hentry","category-security","tag-cisco","tag-security"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/5408","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=5408"}],"version-history":[{"count":2,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/5408\/revisions"}],"predecessor-version":[{"id":35111,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/5408\/revisions\/35111"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=5408"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=5408"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=5408"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}