back to article Cisco mess from 2017 becomes tool for state-sponsored infrastructure attacks and defacements

Cisco's Smart Install software has become the vector for a series of infrastructure attacks and politically-motivated defacements. Cisco's own Talos security limb reports that bad actors, some likely state-supported, have been scanning Switchzilla devices to see if they run Smart Install. The tool is insecure-by design because …

  1. Korev Silver badge
    WTF?

    Question

    Why do people have switches facing the Internet, shouldn't they be firewalled off?

    1. Sir Runcible Spoon Silver badge
      Thumb Up

      Re: Question

      I'm glad that was the first question, exactly what I was going to ask, although ISP switches are, by necessity, on the internet (although their management IP's should not be).

      El Reg is slightly behind the curve on reporting this as I saw it on RT yesterday (I know the vultures are at their watering holes at the weekend ;)) - RT did report that this hit a number of ISP's - I can't imagine why any ISP would have to rely on such an install process in the first place, not withstanding that their management IP's are exposed.

    2. sanmigueelbeer Silver badge

      Re: Question

      Why do people have switches facing the Internet

      Smart Install isn't only used by switches. Cisco Routers also support Smart Install.

      I've been using Smart Install for years and all the switches it has built have "no vstack" in them (even before the first Cisco Security Vulnerability was announced).

  2. the spectacularly refined chap

    Or you could use Cisco's patch from 2017, which it seems a remarkable number of people did not deploy!

    Yes, this has nothing at all to do with limiting the availability of even security patches to those willing to be gouged for a support contract.

    1. sanmigueelbeer Silver badge

      this has nothing at all to do with limiting the availability of even security patches to those willing to be gouged for a support contract.

      One doesn't need a support contract to disable Smart Install. All it takes is one command. That's all.

  3. Destroy All Monsters Silver badge
    Childcatcher

    "Do not mess with our elections”

    "We are big enough to them hanging chad tier crap all by ourselves"

    No icon for idiocracy?

    That loony guy will have to do.

    1. Anonymous Coward
      Anonymous Coward

      Re: "Do not mess with our elections”

      Perhaps they should have done a denial of service on fbcdn.net.

  4. John Smith 19 Gold badge
    Unhappy

    "if they run Smart Install. "

    Not in fact very smart at all.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019