FBI Sounds Alarm Over Russia-Linked Hackers Targeting US Infrastructure

The FBI and tech giant Cisco are sounding the alarm over Russia-linked hackers targeting critical U.S. infrastructure.

Authorities say the attacks exploit a vulnerability in Cisco networking equipment, putting thousands of devices at risk.

“In the past year, the FBI detected the actors collecting configuration files for thousands of networking devices associated with US entities across critical infrastructure sectors,” the bureau said in a warning released Wednesday.

The hackers have been linked to Russia’s Federal Security Service, known as FSB, Center 16.

U.S. officials say the group, also tracked under the names Berserk Bear and Dragonfly, has spent over a decade penetrating networks using unencrypted protocols in industrial systems.

Cisco researchers identified the group as Static Tundra, per Cyber Security Drive.

They claim the hackers are focused on telecommunications, education, and manufacturing organizations globally. Most victims are located in Ukraine and allied countries, reflecting the Kremlin’s strategic priorities.

“These actors exploit a vulnerability in Cisco’s IOS software, tracked as CVE-2018-0171,” the FBI said. “The bug allows them to execute arbitrary code on unpatched and end-of-life network switches made by Cisco and Rockwell Automation.”

In some cases, the hackers reportedly modified configuration files to gain deeper access to devices and conduct reconnaissance on protocols and applications tied to industrial control systems.

Cisco warned that the attacks on Ukrainian targets have surged since Russia escalated its invasion in 2022. “Static Tundra was observed compromising Ukrainian organizations in multiple verticals, as opposed to previously more limited, selective compromises,” the company said.

Experts say the group’s operations illustrate Russia’s long-term strategy to weaken critical infrastructure abroad. The FBI emphasized that U.S. organizations must patch vulnerable systems and remain vigilant.

The agency did not comment on whether any U.S. networks had already been compromised. However, the warning underscores a growing cybersecurity risk tied directly to Russian state-backed actors.

“This is a reminder that national security extends beyond physical borders. The digital battlefield is real, and our adversaries are actively probing for weaknesses,” a cybersecurity official told reporters.

The FBI and Cisco jointly advise immediate updates to Cisco IOS devices and careful monitoring of network activity. End-of-life hardware remains a key target. Organizations are urged to replace outdated devices or apply available security patches.

This advisory follows several high-profile breaches targeting infrastructure globally. U.S. officials have repeatedly warned that Russian hackers are persistent, patient, and sophisticated. The State Department and Department of Homeland Security continue to coordinate with private firms to mitigate threats.

The Biden administration has said it is monitoring the situation, while conservatives argue previous administrations, including Trump’s, emphasized cyber defenses more aggressively.

For businesses and critical facilities, the warning is clear: vulnerabilities in networking equipment can be exploited for espionage or sabotage. Experts say preventive action now is the best way to avoid large-scale disruptions.

The FBI’s alert is a stark reminder that cyber threats from nation-state actors are ongoing. Russian hackers remain a persistent menace, capable of striking sectors vital to U.S. security, industry, and everyday life.

The post FBI Sounds Alarm Over Russia-Linked Hackers Targeting US Infrastructure appeared first on Resist the Mainstream.