Hackers use Cisco Router flaws to attack Iran, 3,500 routers hacked
According to Iranian State News Agency (IRNA) reported on April 7, a statement made by the Communication and Information Technology Ministry said that “The attack apparently affected 200,000 router switches across the world in a widespread attack, including 3,500 switches in our country.”. In addition, some European countries and India are also affected by this attack. The statement said that during the attack, hackers attacked Internet service providers and disrupted users’ network access.
Iranian Minister of Information and Communication Technology, Mohammad-Javad Azari Jahromi subsequently published a hacking code map on social network Twitter. The figure shows “Don’t mess with our elections.” message, and used characters to form an American flag.
بررسیهای اولیه حاکی از آن است که در تنظیمات مسیریابهای مورد حمله قرار گرفته، با حک پرچم ایالت متحده، اعتراضی درباره انتخابات آمریکا صورت گرفته است. دامنه حملات فراتر از ایران است. منشا حملات در دست بررسی است pic.twitter.com/L8erHB52j1
— MJ Azari Jahromi (@azarijahromi) April 6, 2018
Azari Jahromi said it is not clear which individual or organization launched the cyber attack. At present, 95% of attacked routers have returned to normal.
According to Reuters, hackers attacked by using a vulnerability in Cisco routers. The company earlier issued warnings and updated patches. However, some companies have not yet installed patches.
Cisco’s Talos Security Intelligence and Research Group researcher Nick Biasini posted a blog on Thursday (April 5th) saying that several (hacking) incidents occurred in multiple countries, including some attacks specific to critical infrastructure involve loopholes in smart installation protocols. “As a result, we are taking an active stance, and are urging customers, again, of the elevated risk and available remediation paths.”
On Saturday night, Cisco stated that the above message is to identify weaknesses for customers and eliminate the threat of cyber attacks.
Cisco is the world’s largest router vendor. In September 2015, multinational Cisco routers were hacked and stolen from massive amounts of information.
