The Australian Signals Directorate (ASD) has issued a joint warning alongside nearly two dozen partner agencies about Russian-linked hackers targeting critical Australian industries.
The ASD has highlighted poorly secured network devices as easy targets for hackers linked to Russia’s Federal Security Service (FSB).
It says cyber actors operating for the FSB are targeting critical infrastructure in countries across the globe, including sectors such as financial services, healthcare, defence and communications.
It revealed state and local government agencies as particularly vulnerable.
ASD says hackers target poorly protected routers, and use simple tools, like guessing default passwords. (AAP: Lukas Coch)
The hackers target poorly protected routers and use simple tools, like guessing default passwords, to gain access and steal information like login details.
The ASD warning has been issued alongside the United States National Security Agency (NSA) and similar agencies in countries including the UK, New Zealand, Canada, Finland, France and Denmark, among others.
It points to a range of hacking groups it says are frequently responsible, like Berserk Bear, Energetic Bear, Crouching Yeti, Dragonfly, Ghost Blizzard and Static Tundra.
And it suggests some simple steps that can be taken, such as basic network updates, securing network devices and improving passwords.
Alastair MacGibbon, a former head of the Australian Cyber Security Centre, said similar notices have been issued over a number of years.
“There’s a unit of one of Russia’s intelligence agencies that spent more than a decade essentially breaking into routers and switchers that direct traffic inside organisations,” he told ABC.
“It’s not sophisticated, but it works really well. It’s the equivalent of walking around the internet and rattling the doors of organisations to see if they’ve been essentially left in a factory setting.
“And that allows eventually that intelligence agency to gain access to an organisation.”

Australian Signals Directorate data shows a cybercrime report is made about every six minutes. (ABC News: Aiden Daly)
Five Eyes countries (Australia, the UK, US, New Zealand and Canada) issued a joint warning last month about the cyber risk posed by artificial intelligence, urging industry and government agencies to pull systems offline that do not need to be online.
Mr MacGibbon said that advice applies in this situation too.
“These are essentially routers, many of which should be sitting behind firewalls; they should never really be accessible to the internet,” he said.
“Remembering that a lot of organisations don’t really think about security at all, or they don’t realise that they have these routers exposed to the internet.
“What it means is that essentially in a really high-scale way, the Russians are just walking around the internet looking for an exposed vulnerability to this old protocol, which should never be exposed in a modern world to the internet.”
Click Here For The Original Source.
