Compromised Cisco routers spotted bimbling about in the wild

More than a dozen compromised router infections have been found in the wild, all targeting Cisco kit as part of sophisticated attempts to hack into corporate and government networks. Once considered only a theoretical risk, the finding of malware-infected routers by FireEye/Mandiant shows that the threat is all too real. A …

  1. Anonymous Coward
    Hold them accountable

    Cisco should be held criminally responsible for this and all other Cisco hardware/software defects.

    1. Anonymous Coward
      Re: Hold them accountable

      How are Cisco in any way accountable for this? - This is a clear case of credential abuse/loss. It's been clearly stated there is no vulnerability in any Cisco products which has caused this. The only thing this proves is the Password model is broken and gives further weight to organisations deploying next gen AAA services and 2 factor authentication.

  2. thames

    So who did it then?

    Why is it that when the country that may have done it is someone like China or Russia, their names are shouted from the rooftops by every news source, but when the target list and modus operandi suggest that it was the US who did it the press gets all coy and doesn't want to talk about it?

    That's very, very, odd, isn't it? I mean we do have a free press who will fearlessly report the facts, right? Or do we?

  3. Anonymous Coward
    Ah, but the Press are, for the most, corporations too. They have their own interests as well which may or may not be in accord with society's or individuals'. Whose interests are negatively affected when it's the NSA vice China or Russia? You might ask the New York Times.

  4. Anonymous Coward
    Perhaps if Cisco actually offered software updates without needing to pay, people wouldn't be downloading these "Malicious ROMMONs"

    1. Sandgroper

      Clearly someone that does not know what they are talking about. ROMMONs are not the IOS software on the platform, they are the equivalent of a BIOS. People do not download "ROMMONs" in order to run unlicensed IOS software. Malicious ROMMONs are installed on machines are intercepted in transit and the ROMMONs replaced.

      1. diodesign (Written by Reg staff) Silver badge

        Re: Sandgroper

        "Malicious ROMMONs are installed on machines are intercepted in transit and the ROMMONs replaced."

        Sorta hit the nail on the head, huh?


    2. Anonymous Coward
      Why shouldn't you have to pay? Updates come under a support and maintenance contract. Stop trolling.

  5. pompurin

    Mandatory MD5/SHA hash on reboot then, preferably SHA as MD5 is broken. I thought most ultra secure places did these sorts of integrity checks.

