Earlier this week it was reported that a group of hackers going by the name Shadow Brokers had hacked the Equation Group, a group of hackers outed by Kaspersky Lab as having close ties to the National Security Agency.
The Shadow Brokers published a blog post that contained links to spying tools, as well as a blockchain address for the auction of the data they have collected. Though the Equation Group and the NSA have not commented on the hack, security experts at that time believed that the hacking tools were legit and looked like something the NSA would use. Some of the tools uncovered in the hack include programs such as EXTRABACON, POLARSNEEZE, JETPLOW, FEEDTROUGH and BANANAGLEE. The latter three have appeared in a compilation of NSA’s top secret surveillance tools.
There was speculation that Russia was behind the Shadow Brokers, a view that NSA whistleblower Edward Snowden backs. In a series of tweets after the news broke, Snowden explained that this is more of “diplomacy than intelligence, related to the escalation around the DNC hack,” and that the “Circumstantial evidence and conventional wisdom indicates Russian responsibility.” He goes on to explain that “This leak is likely a warning that someone can prove US responsibility for any attacks that originated from this malware server.” Some may see the auction of the tools as merely a distraction, but security companies are not taking the leak lightly.
Proof of Cisco attack
Cisco Systems, Inc. has confirmed that the NSA-linked tools have targeted its Adaptive Security Appliance and PIX firewalls. Though one of the vulnerabilities was patched in 2011, the other was a new discovery that had gone undetected for years. Cisco has yet to release an update to fix the vulnerability, but has released signatures that are able to detect exploits and stop them before they do damage.
Another security company affected by the leak is Fortinet, which revealed that the vulnerability affects FortiGate firmware 4.3.8 and below, 4.2.12 and below, and 4.1.10 and below, which were released before August 2012. Fortinet has also released a fix for this.
As for the auction, it seems no one is taking it seriously, probably because of its absurd target amount of 1,000,000 bitcoins, which amounts to $570 million.