Aussie Biz Routers Under Attack, Top Security Team Warns
Teams of cyber crooks or spies have been breaking into the routers and switches of a number of Australian organisations and extracting configuration files, the Australian Cyber Security Centre (ACSC), has warned.
The ASCC is an Australian Government initiative. It warns that access to the devices concerned could “facilitate malicious cyber adversaries gaining access to the information that flows through the device.”
The extracted configuration files may contain sensitive information, such as device administrative credentials, and could be used to compromise the router/switch and enable targeting of other devices on the network, ACSC warns.
It adds that administrators of devices that can be directly managed from the Internet should review their logs for unusual activity. They should also disable Cisco Smart Install if it is not strictly required.
More broadly, the centre suggest that all business should move to implement the Australian Signals Directorate’s Strategies to Mitigate Cyber Security Incidents report which includes eight “essential” strategies the ASD reckons all businesses should get working as their minimum cyber security baseline.