World

Cisco Cyberattack Targeted Russian-Language Internet Segment - Kaspersky Lab

MOSCOW (Sputnik) - A recent cyberattack that exploited the vulnerability in Cisco switches targeted mainly the Russian-language segment of the Internet, cybersecurity and anti-virus provider Kaspersky Lab said Saturday.
Sputnik

A global hacking attack, which used flaws in the equipment of the Cisco company took place on Friday. The vulnerability in the Cisco devices able to support the Smart Install technologies has allowed the hackers to create a program infecting the commutators with malware deleting the existing information and replacing it with own files. According to Cisco, thousands devices in different countries have been vulnerable to the attack. The company has warned its consumers about the vulnerabilities and issued a patch to fix the flaw.

READ MORE: Russia's Kaspersky Lab Exposes Pentagon's Cyber-Espionage Program

"It seems that the attack is mostly targeting the Russian-speaking segment of the Internet, yet other segments are clearly more or less affected as well," Kaspersky Lab said in its blog.

The company explained that the attack was performed through a software vulnerability.

Kaspersky Lab Registers Cyberattacks Targeting Russian Media Websites
"An unknown threat actor is exploiting a vulnerability in a piece of software called Cisco Smart Install Client, which allows them to run arbitrary code on the vulnerable switches. The malefactors then rewrite the Cisco IOS image on the switches and change the configuration file, leaving a message that reads 'Do not mess with our elections' there," the company said.

As a result, the switch then becomes unavailable, it added.

As Cisco switches are widely used in data centers, it leads to the inaccessibility of many popular websites, the company noted.

Kaspersky Lab also provided an instruction to system administrators on how to fix the problem and eliminate the vulnerability.

Discuss