Menu
Cisco routers breached as hackers warn Iran with US flag post

Cisco routers breached as hackers warn Iran with US flag post

Attack made possible by a vulnerability in routers from Cisco

Hackers have attacked networks in a number of countries including data centres in Iran where they left the image of a U.S. flag on screens along with a warning: "Don't mess with our elections", the Iranian IT ministry said on Saturday.

"The attack apparently affected 200,000 router switches across the world in a widespread attack, including 3,500 switches in our country," the Communication and Information Technology Ministry said in a statement carried by Iran's official news agency IRNA.

The statement said the attack, which hit internet service providers and cut off web access for subscribers, was made possible by a vulnerability in routers from Cisco which had earlier issued a warning and provided a patch that some firms had failed to install over the Iranian new year holiday.

A blog published on Thursday by Nick Biasini, a threat researcher at Cisco's Talos Security Intelligence and Research Group, said: "Several incidents in multiple countries, including some specifically targeting critical infrastructure, have involved the misuse of the Smart Install protocol...

"As a result, we are taking an active stance, and are urging customers, again, of the elevated risk and available remediation paths."

On Saturday evening, Cisco said those postings were a tool to help clients identify weaknesses and repel a cyber attack.

Iran's IT Minister Mohammad Javad Azari-Jahromi posted a picture of a computer screen on Twitter with the image of the U.S. flag and the hackers' message. He said it was not yet clear who had carried out the attack.

Azari-Jahromi said the attack mainly affected Europe, India and the United States, state television reported.

"Some 55,000 devices were affected in the United States and 14,000 in China, and Iran's share of affected devices was 2 percent," Azari-Jahromi was quoted as saying.

In a tweet, Azari-Jahromi said the state computer emergency response body MAHER had shown "weaknesses in providing information to (affected) companies" after the attack which was detected late on Friday in Iran.

Hadi Sajadi, deputy head of the state-run Information Technology Organisation of Iran, said the attack was neutralized within hours and no data was lost.

(Reporting by Dubai newsroom, additional reporting by Dustin Volz in Washington; editing by Ros Russell and G Crosse)


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags governmentsecurityciscoData Centrecyber

Featured

Slideshows

Meet the leading customer-centric Microsoft channel partners

Meet the leading customer-centric Microsoft channel partners

Microsoft honoured leading partners across the channel following a year of customer innovation and market growth in New Zealand. The 2018 Microsoft Partner Awards recognised excellence within the context of the end-user, spanning a host of emerging and established providers.

Meet the leading customer-centric Microsoft channel partners
Reseller News launches new-look Awards at 2018 Judges’ Lunch

Reseller News launches new-look Awards at 2018 Judges’ Lunch

Introducing the Reseller News Innovation Awards, launched to the channel at the 2018 Judges’ Lunch in Auckland. With more than 70 judges now part of the voting panel, the new-look awards will reflect the changing dynamics of the channel, recognising excellence across customer value and innovation - spanning start-ups, partners, distributors and vendors.

Reseller News launches new-look Awards at 2018 Judges’ Lunch
Show Comments