The FBI has added Russian hackers to its list of things to avoid. The agency warns that hackers not only use compromised routers but also move things between computers. Some manufacturers and companies mentioned that hackers illegally utilized their individual and business routers for cybercrimes against the US government.
In a joint statement with the National Security Agency (NSA), US Cyber Command, and the Intelligence Services of 10 other countries, the FBI stated that the aim was to gain access to government networks.
FBI Press Announcement
In its announcement, the FBI said that router users are the hackers’ targets. This includes users of Ubiquiti EdgeRouters, which the FBI stated come from the factory with their security settings turned off.
Hence, they are highly prone to cyber-attacks. They are common for home and office use because of their affordable price—$59 for the company’s cheapest model. “Ubiquiti EdgeRouters have a user-friendly, Linux-based operating system,” the FBI wrote in the joint statement. “That makes them popular for both consumers and malicious cyber actors.”
The FBI suspects an agency, GRU Military Unit 26165 – also known as APT 28, Sofacy Group, Forest Blizzard, Pawn Storm, Fancy Bear, and Sednit. It is worth noting that if an EdgeRouter is compromised, the appearance of a routine reboot does not exclude the presence of malware or the operation of foreign powers in this equipment.
Recommendations Against Hackers for Ubiquiti EdgeRouter Owners
The FBI recommends a few steps for anyone who owns a Ubiquiti EdgeRouter to ensure its safety. The first is to clear all settings and stored files, malicious files included, from the router's file systems. Users can do this with a hardware factory reset.
The agency also recommends that users install the latest stable version. Afterward, users should change any default credentials and access details to secure their accounts. Lastly, they should put firewall policies in place on the WAN side so that remote management services are not unintentionally exposed.
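The credential and firewall recommendations can be checked against a router's exported configuration. The following is an added example, not code from the FBI or Ubiquiti: it audits EdgeOS "set" commands for the factory-default account name and for WAN-side rules that expose SSH or the web GUI. The sample configuration is constructed, the function name audit is hypothetical, and eth0 being the WAN interface is an assumption.

```python
# Constructed sample in EdgeOS "show configuration commands" form; not from a real device.
SAMPLE = """\
set firewall name WAN_LOCAL default-action accept
set firewall name WAN_LOCAL rule 10 action accept
set firewall name WAN_LOCAL rule 10 destination port 22
set firewall name WAN_LOCAL rule 10 protocol tcp
set interfaces ethernet eth0 firewall local name WAN_LOCAL
set service gui https-port 443
set service ssh port 22
set system login user ubnt authentication encrypted-password PLACEHOLDER_HASH
"""

def audit(config, wan="eth0"):
    """List findings tied to the FBI steps. `wan` (the WAN interface name) is an assumption."""
    lines = [t for t in (l.split() for l in config.splitlines()) if t[:1] == ["set"]]
    findings = []
    # Default credentials: the password is stored hashed, so only the account name is checked.
    if any(t[1:5] == ["system", "login", "user", "ubnt"] for t in lines):
        findings.append("default account 'ubnt' present")
    # Remote management services (SSH, web GUI) and the ports they listen on.
    mgmt = {t[4] for t in lines if len(t) == 5 and t[1] == "service"
            and t[2] in ("ssh", "gui") and t[3].endswith("port")}
    # Ruleset applied to traffic addressed to the router itself on the WAN interface.
    local = [t[7] for t in lines if len(t) == 8
             and t[1:7] == ["interfaces", "ethernet", wan, "firewall", "local", "name"]]
    if not local:
        return findings + [f"no local firewall ruleset on {wan}: "
                           f"management ports {sorted(mgmt)} unfiltered"]
    rules = {}
    for t in lines:
        if t[1:4] != ["firewall", "name", local[0]]:
            continue
        if t[4:5] == ["default-action"] and t[5:6] != ["drop"]:
            findings.append(f"{local[0]} default-action is not drop")
        elif t[4:5] == ["rule"] and len(t) >= 8:
            rule = rules.setdefault(t[5], {})
            if t[6] == "action":
                rule["action"] = t[7]
            elif t[6:8] == ["destination", "port"] and len(t) == 9:
                rule["ports"] = set(t[8].split(","))
    for num, rule in sorted(rules.items(), key=lambda kv: int(kv[0])):
        exposed = rule.get("ports", set()) & mgmt
        if rule.get("action") == "accept" and exposed:
            findings.append(f"{local[0]} rule {num} accepts management port(s) {sorted(exposed)}")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)))
```

Accept rules that name no destination port are not evaluated, so a clean result still calls for a manual read of the WAN-side ruleset.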
FBI Suggests What to Do to Keep Your Software Safe From Hackers
The FBI noted, “Furthermore, every network manager, whether corporate or household, should keep their software, operating systems, and firmware updated.” The agency highlights in the joint statement that Ubiquiti EdgeRouters have a user-friendly Linux-based operating system, making them preferable for consumers and malicious hackers.
EdgeRouters generally ship with default credentials and without firewall protections so that wireless internet service providers (WISPs) can successfully use them. Moreover, EdgeRouters do not update firmware automatically unless you configure them to do so.
These routers were secretly added to the botnet, which was used for spearphishing cybercrimes, and the victims didn’t even know that they were accomplices.
Basis of the Attacks
These specific attacks aim to steal login credentials, commonly from government employees, to gain access to secure data. A spearphishing attack targets a specific person.
The victim may receive a legitimate-looking email from a commonly used website. Spearphishing emails may ask them to update their Amazon password or change their Netflix payment method, for example. But when they click the link, it redirects them to a fake website that looks just like the real thing.
The agency also notes that the link might redirect the victim to the actual website after they enter their username and password. By then, however, the hacker already has their details. The FBI asserts that the Russian Federation’s Main Intelligence Directorate of the General Staff (GRU) controls the botnet hosting these spearphishing landing sites.
FBI Further Speaks on How to Contain the Attacks
The FBI advises network owners to ensure that their operating systems, software, and firmware are up to date. “One of the best practices an organization can take toward having less vulnerability to cybersecurity threats is timely patching,” the agency said.
In mid-February, the FBI announced that it had thwarted a Russian botnet controlled by the GRU. Employing hundreds of such routers, GRU Military Unit 26165 was responsible for covering up and leading various cybercrimes.
“The crimes included widespread spearphishing,” the FBI claimed at the time. “And similar credential harvesting campaigns against intelligence interests of the Russian government.” The agency added, “This also includes the US and foreign governments and military, security, and corporate organizations.”