Secure the Cisco IOS and IOS XE Smart Install Feature

Routers targeted: Cisco Smart Install feature continues to be targeted by Russian state-sponsored actors

Russian state-sponsored actors are responsible for activity targeting Cisco devices using the Smart Install feature worldwide, including Australia.

Organisations are advised to identify Cisco devices running Smart Install within their networks, evaluate the need of running this feature, and remove or secure the feature as required. Both the ACSC and Cisco documentation contain details on how to accomplish this.

Cisco has published the actions needed to secure the Smart Install feature in, Action Required to Secure the Cisco IOS and IOS XE Smart Install Feature.

Preventing malicious activity

Organisations are advised to identify Cisco devices running Smart Install within their networks, evaluate the need of running this feature, and remove or secure the feature as required. Both the ACSC and Cisco documentation contain details on how to accomplish this.

Related information

Contact

If you find any evidence of this activity, report the incident to the ACSC via email or call the 24/7 Hotline for urgent assistance on 1300 CYBER1 (1300 292 371)

Related alert
Routers targeted: Cisco Smart Install feature continues to be targeted by Russian state-sponsored actors
Was this information helpful?

Thanks for your feedback!

 
Optional

Tell us why this information was helpful and we’ll work on making more pages like it

Icon for Report Report a cyber security incident for critical infrastructure Icon for becoming a alerts Get alerts on new threatsAlert Service Icon for becoming a partner Become anACSC partner Icon for reportingReport a cybercrime or cyber security incident
Authorised by the Australian Government, Canberra