THE U.S. government warns that Russian state hackers are targeting home and small office routers to compromise them for malicious activities against sensitive sectors. Cybersecurity and Infrastructure Security Agency (CISA) indicates that these actors exploit poorly configured devices worldwide to access critical infrastructure. They use compromised routers as exit nodes to conceal their attacks, reducing detection chances.
CISA's advisory recommends disabling SNMP versions 1 and 2, using strong passwords, and regularly updating firmware as preventive measures against such intrusions. Additionally, the advisory highlights similar activities by Chinese hackers, though this report focused on Russian actions.