• Log in
  • About Us
  • Privacy Policy
  • Contact us
Telecoms IT News - VanillaPlus
  • Home
  • News
  • Verticals
    • 4G
    • 5G News
    • Big data analytics
    • Bill & Charge
    • CEM
    • Companies
    • Digital transformation
    • Fraud prevention
    • Managed services
    • Network optimisation
    • NFV Hub
    • OSS
    • People
    • Policy
    • Revenue assurance
    • Revenue management
    • Service assurance
    • Service Provisioning
    • Test & measurement
  • Digital Edition
  • Events
    • Events diary
    • Webinars
  • Videos
  • VP Featured
    • Webinars
    • Podcast
    • Editorial advisory board
    • Expert opinions
    • Hot List
    • Operator View
    • Press releases
    • Reports & whitepapers
    • Special reports
    • Talking Heads
    • Troubleticket
    • Digital Talking Heads
  • Directory
  • Tech Trends
  • Subscribe
 

You are here:

  • Home
  • Companies
  • Cisco warns that 500,000 routers and devices infected by hackers ahead of football Champions League final in Kiev, Ukraine

Cisco warns that 500,000 routers and devices infected by hackers ahead of football Champions League final in Kiev, Ukraine

24 May, 2018 at 12:27 PM

Posted by: Zenobia Hegde

Cisco warns that 500,000 routers and devices infected by hackers ahead of football Champions League final in Kiev, Ukraine
Olimpiyskiy National Sports Complex in Kiev, Ukraine

Cisco Systems warned yesterday that hackers have infected at least 500,000 routers and storage devices in dozens of countries with highly sophisticated malicious software. This is thought by Cisco to be in preparation for another massive cyber attack on Ukraine in a bid to disrupt the Champions League final in Kiev, capital of Ukraine.

The malware, which has been called VPNFilter by Cisco, could be used for espionage as well as to destroy the devices that it has infected.

Commenting on the report, Steve Giguere, lead EMEA engineer at Synopsys says: “There is every bit of evidence to suggest that the VPNFilter is targeted at the Ukraine. Elements of its character tie back to the same nation-state sponsored threat actor APT28 (Fancy Bear), that were connected to the disruptive malware NotPetya which ‘coincided’ with the Ukraine’s Constitution Day last year.

“With this weekend’s final, being a potentially larger international spectacle, this could be the 2018 version. As for whether it’s an attempt to de-stabilise the country, it comes as a bit of a 2-for-1 deal as its ability to ‘brick’ it’s host device could be an element that is deployed shortly after its primary task is either completed or at risk of failure.

It’s primary task is however, unknown. As it appears to be monitoring industrial Modbus SCADA protocols, perhaps the timing of the Champions League final is a distraction. Researchers are already making progress at shutting down the malware’s command and control centres, but, with such a widespread deployment it will be a race against time to see if it can be neutralised prior to initiating.”

Nation state surveillance or sabotage

This is borne out by Ashley Stephenson, CEO at Corero Network Security who adds, “Once again, a significant community of vulnerable devices is being pursued by hackers. We cannot know the hackers’ true motivation at this point or even if they are part of a single group but some of the reported capabilities of the observed exploits suggest more of a nation state surveillance or sabotage mission rather than commercially motivated data theft or DDoS.

“This report also highlights the increasing security industry attention being paid to botnet formation through observations of vulnerability scanning, honeypot exploit attempts, and C&C communication intercepts.” Stephenson adds, “We often know about potential threats earlier in their lifecycle, before the actual attacks are launched. Ironically, the cybersecurity community is relatively powerless to intervene before these weaponised IoTs are activated so we must continue to prepare our cyber defences and response strategies for future attacks.”

Comment on this article below or via Twitter: @VanillaPlus OR @jcvplus


category: Companies, Devices and Modules, News, People, Security

Tags: Ashley Stephenson, Cisco, Corero Network Security, Cyber, Honeypot, Synopsys

VanillaPlus Q3 Magazine
 

VanillaPlus Magazine Issue 1 2022: Why IT must catch up with OT to enable 5G monetisation

Is creativity a bridge too far for CSPs? As communications service providers (CSPs) engage in new digital value chains, collaborate with partners and participate in multi-directional business models, George Malim shares a tale of two bridges

READ NOW

Comments are closed.

  • Facebook
  • Twitter
  • YouTube
  • LinkedIn
  • Subscribe
Relax time
Read the new novel by J.J. Cowan on Africa’s conflict minerals trade and forced labour. 5* Reviews on Amazon.co.uk Paperback & Kindle

Check out on Amazon

X

Be the first to know!

  • The top telecom IT news stories of the minute
    in your inbox
  • Exclusive offers for entry into hundreds of
    events worldwide
  • Free access to a huge selection of the latest
    analyst reports and whitepapers
Subscribe now so you don't miss out
Don’t show me this again
Please check your email
x
Vanillaplus - The Global Voice of Telecoms IT
The Global Voice of Telecoms IT

VanillaPlus is the world-leading resource covering digital transformation for the communications industry. VanillaPlus brings you exclusive News, Expert Views, and Event Reviews. See Interviews from CEOs, CTOs, and COOs who are successfully transforming their business today.

Connect

Facebook Twitter YouTube LinkedIn

NEWS

  • Latest Telecoms IT news

DIGITAL EDITION

  • Latest Editions

OTHER

  • Newsletters [Archive]

KNOWLEDGE CENTRE

  • Webinars
  • Special Reports
  • Talking Heads
  • Editorial Advisory Board

COMPANY

  • About
  • Contact Us
  • Terms & Conditions
  • Privacy Policy

PARTNERS

  • IoT News

© 2014-2022 VanillaPlus - The global voice for telecoms IT. All rights reserved.