FBI warns Russian hackers exploiting Cisco flaws to target U.S. infrastructure

The FBI is warning that Russian government hackers are exploiting vulnerabilities in outdated Cisco networking equipment to target computer networks and critical infrastructure, according to the Internet Crime Complaint Center.

In a public alert on Wednesday, the FBI said cyber actors tied to Russia’s Federal Security Service (FSB), specifically its Center 16 unit, have been attempting to break into thousands of devices across the United States and abroad.

The hackers took advantage of outdated Cisco systems and weak security protocols to collect sensitive configuration files and, in some cases, modify them to allow unauthorized access.

The FBI said the activity shows the hackers’ interest in technology commonly used to run industrial control systems, which are vital to sectors such as energy, transportation, and water utilities.

Cybersecurity experts know the FSB’s Center 16 under names like “Berserk Bear” and “Dragonfly.” For more than a decade, this group has carried out intrusions worldwide, often focusing on devices that still rely on outdated and unencrypted communications.

The FBI also noted the group’s history of using custom malware on Cisco devices, such as the “SYNful Knock” program discovered in 2015.

Officials urged anyone who suspects they have been targeted or compromised to contact their local FBI field office or file a report through the agency’s Internet Crime Complaint Center.