Bleepingcomputer
Russian FSB Exploits Vulnerable Routers to Target Critical Infrastructure
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
A joint advisory from 21 global cybersecurity agencies warns that Russian state hackers from the FSB's Center 16 are exploiting poorly configured routers to infiltrate critical infrastructure networks worldwide. The advisory highlights the use of default or weak Simple Network Management Protocol (SNMP) passwords to access sensitive systems in sectors such as defense, energy, healthcare, and finance. Recent attacks have been attributed to the FSB's Center 16, which has been linked to a failed cyberattack on Poland's energy grid in December 2025 that could have left 500,000 citizens without power. The advisory also emphasizes the exploitation of vulnerabilities in Cisco devices, particularly CVE-2018-0171 and CVE-2008-4128. Organizations are urged to enhance their router security by implementing stronger authentication methods and disabling legacy protocols. The UK and EU have imposed sanctions on 24 individuals and entities connected to these cyber operations. This ongoing threat underscores the need for improved cybersecurity hygiene across critical sectors.
Key Points: • Russian FSB's Center 16 is targeting critical infrastructure by exploiting weak router security. • Key vulnerabilities include CVE-2018-0171 and CVE-2008-4128, affecting Cisco devices. • The UK and EU have sanctioned 24 individuals linked to Russian cyber operations.