Photographer: Andrew Harrer
Photographer: Andrew Harrer
Cisco Systems Inc. was engaged as part of an alleged Russian campaign that has assassinated the private government and the private sector and left competent security experts across the country to assess the extent of the damage.
Some internal machines used by Cisco researchers were targets, the network equipment maker said. The company said its security team moved quickly to fix the problem and that the “affected software” has been “attenuated.”
“At this time, no impact is known on Cisco’s offerings or products,” the company said in a statement. “We continue to investigate all aspects of this evolving situation with the highest priority.”
Cisco used popular software internally based in Texas SolarWinds Corp. which has been at the center of attacks so far. Hackers inserted a malicious backdoor into SolarWinds’ Orion software which they then used as a setting for subsequent attacks. SolarWinds customers who accessed the updates between March and June were infected with the back door, up to 18,000 customers, according to the company.
It is not known how many Orion software users were actually attacked by hackers, but almost certainly far fewer.
“While Cisco does not use SolarWinds Orion for its management or oversight of enterprise networks, we have identified and mitigated the affected software in a small number of lab environments and a limited number of employee endpoints,” according to the statement. of the company. Endpoints refer to employee devices, such as computers.
Network management and monitoring are key parts of Cisco machinery and software that directly address data traffic moving across a network. Access to this flow could provide a malicious actor with several avenues to cause harm.
According to a person familiar with the incident, approximately two dozen computers in a Cisco lab were compromised.
Cisco is the largest manufacturer of network equipment in the world and provides hardware and software that are the backbone of the Internet and are central to corporate and governmental computer networks around the world.
A company spokesman declined to comment beyond what Cisco said in a written statement.
The number of victims compromised by a sophisticated Russian cyber attack has continued to rise since December 8, when the cybersecurity company FireEye Inc. announced that it had been hacked using SolarWinds software.
Cisco default occurs a day later Microsoft Corp. said their systems were exposed to malicious updating.