Review the links below on device hardening to learn about and enable available security features.Our advice to customers is to review their device configurations, ensure security features are enabled, and improve their ability to resist attack with the following steps: And any weaknesses found will be exploited. In today’s world, any device connected to a network will sooner or later be probed for weaknesses. Should this situation change and we discover the use of a vulnerability, Cisco will disclose in accordance with our Security Vulnerability Policy.
There has been no evidence of a Cisco bug or vulnerability being exploited. Once rebooted, these devices became non-operational, affecting connectivity to the global Internet.Ĭisco PSIRT, together with other internal Cisco teams, responded to support affected customers, review configuration backups of affected devices, and to analyze all available log files and Netflow information.Īt this time, we have seen a common element across all inspected devices: a combination of weak credentials and a lack of device hardening. Our ongoing investigation has shown that the storage of some Cisco devices was erased, removing both the Cisco IOS and device configuration from the non-volatile RAM. We responded quickly to support speedy restoration for our customers. On April 13th, 2015, Cisco PSIRT was made aware of multiple instances of customer disruption in a specific region caused by a denial of service attack against Cisco devices.
0 kommentar(er)
