Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » Cisco router break-ins bypass cyber defenses

Cisco router break-ins bypass cyber defenses


Reuters - (International) Security researchers from FireEye discovered attacks in August across multiple industries and government agencies on three continents in which Cisco 1841, 2811, and 3825 routers were implanted with the sophisticated SYNful Knock malware, which can duplicate normal router functions and jump from router to router using device syndication functions. Researchers believe attackers accessed the devices by stealing valid network administration credentials or by gaining direct physical access.


Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at:

Last Updated: 27 May 2016 10:25:14