Secure IAF network under cyber attack threatSeptember 15, 2015 21:53
Cisco routers in India, Ukraine, Philippines and Mexico have been attacked by a sophisticated malicious software that possibly allows cybercriminals to harvest huge amounts of data without being detected, security solutions firm FireEye said today.
Indian Air Force's secured communication network AFNET, telecom operators and several other government departments use Cisco routers. However, it could not be ascertained which routers were compromised.
The US-based firm is a major supplier to many Indian telecom companies as well.
The attack, which uses a highly sophisticated malicious software called SYNful Knock, has been implanted in routers made by Cisco, FireEye said in its report.
"Mandiant (a FireEye company) can confirm the existence of at least 14 such router implants spread across four different countries: Ukraine, Philippines, Mexico and India," it added.
Cisco confirmed the attacks saying it has recently alerted its customers to a new sort of attack against networking devices.
"These attacks do not exploit vulnerabilities, but instead use compromised credentials or physical access to install malware on network devices. We've shared guidance on how customers can harden their network and prevent, detect and remediate this type of attack," a Cisco spokesperson said.