
Cisco warns 500,000 routers have been hacked in suspected Russian attack - yankcrime
https://www.cnbc.com/2018/05/23/cisco-warns-500000-routers-hacked-in-suspected-russian-attack.html
======
remingtonc
Technical breakdown at
[https://blog.talosintelligence.com/2018/05/VPNFilter.html](https://blog.talosintelligence.com/2018/05/VPNFilter.html)
\- "While the list may not be complete, the known devices affected by
VPNFilter are Linksys, MikroTik, NETGEAR and TP-Link networking equipment in
the small and home office (SOHO) space, as well at QNAP network-attached
storage (NAS) devices."

------
MR4D
I wonder if the Russian media publishes stories like this, but instead with
the ending “...suspected NSA attack.”

We all know they all do it. Is it just news because it’s the Russians this
time?

~~~
thephyber
There is a difference between Russian _state-owned_ media and one of many US-
based but _privately-owned_ news companies.

Answer to your question[1]. It looks more level-headed than your insinuation,
but certainly targeted at undermining the US's (White House, Pentagon,
NSA/other intel agencies, Congress, legislators, think tanks) authority in the
cyber realm.

[1]
[http://lmgtfy.com/?q=site%3Ahttps%3A%2F%2Fsputniknews.com%2F...](http://lmgtfy.com/?q=site%3Ahttps%3A%2F%2Fsputniknews.com%2F+\(us%7Cpentagon%7Cnsa\)+cyber)

------
mindslight
Hopefully, having converged on this Schelling point of "Russian attack!", the
so-called cyber [0] intelligence industry will have soon rendered itself moot.

[0] a/s/l ?

------
crb002
Interesting spin on Cisco getting caught yet again putting backdoors into
their routers.

~~~
mr_overalls
> We are unsure of the particular exploit used in any given case, but most
> devices targeted, particularly in older versions, have known public exploits
> or default credentials that make compromise relatively straightforward.

Granted, this info is coming from Cisco, but it looks like no back door is
necessary in this case.

