“The current state of U.S. network devices — coupled with a Russian government campaign to exploit these devices — threatens the safety, security, and economic well-being of the United States,” the alert stated.
According to CERT, the systems affected are: Generic Routing Encapsulation (GRE)-enabled devices,, Cisco Smart Install (SMI)-enabled devices and Simple Network Management Protocol (SNMP)-enabled network devices.
So, how do you protect your data?
The warning includes a list of things individuals and businesses can do to protect data.
Change all default passwords.
Make sure network devices are up-to-date.
Make sure you are using firmware from a trusted source.
For internet service providers and manufacturers:
Review network device
Do not support out-of-date, unencrypted, or unauthenticated protocols and services.
Flag as suspicious and investigate SMI traffic arriving from outside the network boundary.
Click here to read the statement from the United States Computer Emergency Readiness Team.