Skip to main content

Devices Attached To Corporate Networks Are Being Targeted

By August 20, 2019May 16th, 2022Cybersecurity

Grim news comes out of Russia, as reported by Microsoft.  The tech giant has been tracking the activities of a Russian hacking group that goes by the name of Strontium. Their other names include APT28 and Fancy Bear.

Microsoft has confirmed that the group was behind a new attack that took place in April of this year (2019).

This is the group that claimed responsibility for both the attack on the Democratic National Committee during the run up to the 2016 election and the NotPeya attacks against the Ukraine in 2017.

In addition to targeting political groups in Europe and North America, Strontium members have been upping the stakes by compromising large numbers of popular IoT devices such as VOIP phones, printers, security cameras and the like. They have been using those devices to breach corporate networks.

The company had this to say about their recent findings:

“The investigation uncovered that an actor had used these devices to gain initial access to corporate networks.  In two of the cases, the passwords for the devices were deployed without changing the default manufacturer’s passwords, and in the third instance the latest security update had not been applied to the device.

Once the actor had successfully established access to the network, a simple network scan to look for other insecure devices allowed them to discover and move across the network in search of higher-privileged accounts that would grant access to higher-value data.”

Fortunately, Microsoft was able to stop this attack in its tracks early on, but the motives behind it remain cloudy and uncertain.  Even so, Microsoft has committed itself to closely monitoring the activity of this group in particular. In the past year, they have sent out more than 1,400 notifications to global corporations and nation states about the activities of the group.

It is incredibly likely that this group will be at the forefront of whatever attacks the Russians have planned to influence the outcome of the 2020 US Presidential election.

Chris Forte

Chris Forte, President and CEO of Olmec Systems, has been in the MSP workspace for the past 25 years. Chris earned his Master’s Degree from West Virginia University, graduating Magna Cum Laude. He was a past member of the Entrepreneurs’ Organization, a current member of the New Jersey Power Partners and Executive Association of New Jersey, where he has previously served on its board of directors. In his spare time, Chris enjoys traveling with his family. He also admits to being a struggling golfer and avid watcher of college football and basketball. He currently lives in Boonton Township, NJ with his wife, two daughters, son, and black lab Luna.