報告指有高風險的網絡攻擊正針對存有漏洞的網絡裝置。用戶應立即安裝修補程式及加強所有網絡裝置的保安。對於近期保安警報A18-03-07中提到 Cisco Smart Install (SMI) 漏洞的相關攻擊已經被公開,用戶亦應優先為這些受影響的裝置安裝修補程式。
US-CERT、英國國家網路安全中心(NCSC)以及Cisco已分別發布保安警報和建議,就網絡基建裝置,例如路由器、交換器、防火牆、及網絡入侵偵測系統等裝置的網絡攻擊提供資訊。為了降低網絡攻擊的風險,用戶應參考最佳作業實務以保護所有網絡裝置,包括面向互聯網及網絡內部的設備。用家尤其應立即採取以下措施:
詳情請參考以下的網頁(只限英文版本)。
https://www.us-cert.gov/ncas/alerts/TA18-106A
https://www.ncsc.gov.uk/alerts/russian-state-sponsored-cyber-actors-targeting-network-infrastructure-devices
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180416-tsa18-106a
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180416-tsa18-106a
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170214-smi
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi2
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0156
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0171