Hackers hijacking routers and blackmailing firms to regain access

A Cisco engineer is warning of scams by hackers who hijack routers and blackmail companies to regain access.

Recounting incidents he heard at Black Hat 2008 in Washington D.C. last month, Brian Wilson, a.k.a Slimjim100 blogger, wrote: "I have heard of reports where this is happened to a large multi-site company and they where blackmailed for money to get access back to there routers ... In the case of this reported company,  the cost of sending people out to password recover the routers was a lot more than the blackmailer's offer so the company paid them and then locked down the devices after they regained access." He says the incident could have been avoided using Access Control Lists and having an understanding of how the network is designed. Wilson also advises companies that have had their routers compromised in this way to reload IOS and review configs once they regain access as hackers could load non-Cisco patches to the network OS.

Read more about this story in the Brad Reese on Cisco blog.

More from Cisco Subnet:

* Cisco Subnet's Top 20 Cisco Press books: How do you rate them?

* Which vendors' certifications are the most popular for exam cheaters?

* Cisco joins open source software body

* Suspect Cisco cards being offered for sale

* How to establish an architecture revision process

* Ciena: A little known manufacturer that's showing the way

* Security wireless networks: Using the wireless network to monitor itself

* Scientific-Atlanta officially loses its name - sign of things to come for Linksys?

* The CCNP $5,000 question

* Salary survey says CCIE pay is slipping

* Understanding MPLS label distribution

* Why an economic recession could leave companies wide open to cyber attacks

* March Giveaways: Win access to Tech 2000's CCNA Lab Simulator; win a copy of Cisco Networking Simplified, 2nd Edition

Go to Cisco Subnet for more Cisco news, blogs, discussion forums, security alerts, book giveaways, and more.

Recent Cisconet blog entries

20 useful sites for Cisco networking professionals

Network World's IT Buyer's Guide: Cisco products

Subscribe to Network World's Cisco Alert, which includes a weekly digest of all Cisco Subnet items

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Related:

Jim Duffy has been covering technology for over 28 years, 23 at Network World. He covers enterprise networking infrastructure, including routers and switches. He also writes The Cisco Connection blog and can be reached on Twitter @Jim_Duffy and at jduffy@nww.com.

Copyright © 2008 IDG Communications, Inc.