Today we released a joint advisory alongside international partners on the exploitation of network devices by cyber actors linked to the Russian Federal Security Service (FSB) Centre 16.
The advisory explains how cyber actors target internet-facing networking devices. They look for exposed management services, weak security settings, and known vulnerabilities. They use these weaknesses to steal network information and user credentials.
Cyber actors can use this information to carry out further malicious activity. The advisory highlights the need to secure network devices and fix known vulnerabilities.
Organisations that rely on internet-facing network devices may face increased risk. This includes organisations in the following sectors:
- communications
- defence industry
- energy
- financial services
- government services and facilities
- healthcare.
We strongly encourage organisations and network defenders to read the advisory. They should assess whether this activity could affect their networks. Organisations can reduce risk by securing network devices. They should apply security updates and strengthen network security controls.
These recommendations are not limited to Russian state-sponsored activity. They can also help defend against techniques used by other malicious cyber actors.
Cyber threats affect all countries. Australia and international partners encourage responsible behaviour in cyber space and support a secure environment online.