
The FBI has put out an advisory warning that Russian state-sponsored hackers are actively exploiting a long-known vulnerability in outdated Cisco networking devices to infiltrate US critical infrastructure and conduct cyber-espionage.

Getting into it: The FBI revealed that the hacking group behind the attacks is tied to Center 16 of Russia’s Federal Security Service (FSB), a unit long suspected of conducting cyber-operations against Western targets. According to the agency, these state-sponsored actors have been harvesting files from thousands of networking devices across key sectors in the United States, including energy, telecommunications, and manufacturing. The bureau stated that in some instances, the hackers modified these files to enable unauthorized, persistent access to the networks. Once inside, the group conducted reconnaissance activity with a particular focus on industrial control systems, the technology that powers critical infrastructure operations.

The FBI attributed the campaign to a threat group commonly tracked by researchers as Berserk Bear, which has a track record of targeting US and European energy sectors. These actors have been exploiting CVE-2018-0171, a seven-year-old vulnerability in Cisco’s Smart Install feature that allows attackers to execute code on vulnerable devices. Many of these devices are now end-of-life and unpatched, making them an easy entry point into larger networks.

This all comes as the FBI continues to issue escalating warnings about both Russian and Chinese state-sponsored hackers embedding themselves within US critical infrastructure networks. These operations, officials say, are not merely about intelligence gathering; they are part of a broader strategy to prepare digital battlegrounds for potential future conflicts.

Former FBI Director Christopher Wray and top US military generals have publicly stated that foreign adversaries are positioning themselves to launch disruptive cyberattacks on American soil in the event of a geopolitical crisis. The goal, they warn, is to create chaos and confusion at home, targeting essential services like power, water, transportation, and communication systems, which could ultimately complicate or delay any US military response abroad.
