SYNful knock on the OS of Cisco Systems routers

Information security specialists at FireEye have published a report on malicious modification of infrastructure solutions from Cisco. With this backdoor patch, attackers collected huge amounts of data and went unnoticed.

/ Photos by Craig Sunter CC

This problem was detected in the IT infrastructure of a number of countries: from Mexico to India. The backdoor itself operates at the OS level and is mainly aimed at stealing service access at the system administrators level. These opportunities were supposedly not in vain - such an approach implied remote access to the infected infrastructure.
')
FireEye experts emphasized the vulnerability of this element of the network infrastructure, which often allows you to access all the traffic of a company or group of companies at once. Here we are talking not only about the theft of administrator credentials, but also the potential infection of other corporate devices.

This news did not go through without official confirmation from Cisco Systems, which provided guidance for troubleshooting.

PS Other materials from our corporate blog:

• The evolution of ERP-systems: the rejection of on-site-installations in favor of cloud and hybrid solutions
• Foreign or local data placement in the cloud: pitfalls
• Moving to the cloud: the transformation of technology and business
• The first Russian BaaS platform Scorocode located in the IaaS-cloud "IT-GRAD"