Joint Advisory Warns of Russian FSB Attacks on Critical Infrastructure

Joint Advisory Warns of Russian FSB Attacks on Critical Infrastructure

First seen 13 Jul 2026, 13:28 UTC BleepingcomputerFeeds.4SysopsInfosecurity-MagazineComputingYle.Fi+6 85% similarity 80.8

Article Content

Browse articles
ThreatCluster

On July 13, 2026, cybersecurity agencies from 12 countries issued a joint advisory about Russian state hackers from the FSB Center 16 targeting vulnerable routers worldwide. These actors exploit weak Simple Network Management Protocol (SNMP) passwords and known vulnerabilities in Cisco devices, specifically CVE-2018-0171 and CVE-2008-4128. The sectors most at risk include communications, defense, energy, financial services, government, and healthcare. The advisory emphasizes the need for organizations to implement SNMPv3, disable legacy SNMP versions, and adopt strong password policies. The UK government also sanctioned 24 individuals and entities linked to these cyber operations. Recent attacks attributed to FSB Center 16 include a failed attempt to compromise Poland's energy grid, which could have impacted 500,000 citizens. The advisory builds on previous warnings and highlights the ongoing threat posed by Russian cyber actors.

Key Points: • Russian FSB Center 16 is targeting critical infrastructure through vulnerable routers. • Organizations are urged to implement SNMPv3 and secure their network devices against known CVEs. • The UK has sanctioned 24 individuals and entities linked to these cyber operations.

ThreatCluster AI

Timeline

2008-09-18
CVE-2008-4128 published
Vulnerability assigned a CVE identifier and published in the National Vulnerability Database.
MITRE
2018-03-28
CVE-2018-0171 published
A vulnerability in Cisco's Smart Install feature was disclosed, allowing unauthorized access to devices.
Bleepingcomputer
2021-11-03
CVE-2018-0171 added to CISA KEV
CVE-2018-0171 was recognized for active exploitation, prompting urgent attention from cybersecurity agencies.
Bleepingcomputer
2026-07-13
Joint advisory issued
Cybersecurity agencies from 12 countries warned of Russian state hackers targeting critical infrastructure.
Computing
2026-07-13
UK sanctions announced
The UK government sanctioned 24 individuals and entities linked to destructive cyber operations attributed to Russian intelligence.
Infosecurity-Magazine
Recent
Failed attack on Poland's energy grid
A cyber attack attributed to FSB Center 16 targeted Poland's energy infrastructure, potentially affecting 500,000 citizens.
Infosecurity-Magazine

Community

Browse all →