China’s BlackTech reported to have gained control of Cisco routers


American and Japanese authorities are warning Chinese actors known as BlackTech have been taking over routers, singling out Cisco units, via weak admin credentials and modified firmware.

Cisco has responded by saying there is no evidence any security vulnerabilities were involved in the attacks.

The warning was co-authored by America’s National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and the Cybersecurity and Infrastructure Security Agency (CISA), along with Japan’s National Police Agency (NPA) and the National Center of Incident Readiness and Strategy for Cybersecurity (NISC).

The advisory published by CISA said BlackTech, who also go by the names Palmerworm, Temp.Overboard, Circuit Panda or Radio Panda, target “government, industrial, technology, media, electronics, and telecommunication sectors, including entities that support the militaries of the US and Japan”, and have been active since 2010.

Leave a Reply