Russian State Hackers Compromise Home and Business Routers: CISA Warns
> cd .. / HUB_EDITORIALE
News

Russian State Hackers Compromise Home and Business Routers: CISA Warns

[2026-07-14] Author: Ing. Pietro Maiorana
> share
Zenithby Meteora Web The operating system for your business. Social, clients, bookings and invoices in one platform. Gyms, barbers, professionals. Discover Zenith Free demo · no card

Russian Federal Security Service (FSB) Center 16 cyber actors continue to exploit poorly configured and vulnerable networking devices worldwide, compromising multiple critical infrastructure networks. The warning was jointly issued by the US Cybersecurity and Infrastructure Security Agency (CISA) and governments of Australia, Denmark, New Zealand, and the United Kingdom. According to experts, compromised routers are used as proxies to mask cyber attacks against sensitive organizations in both public and private sectors.

A persistent threat involving China and the US

For years, Russian and Chinese governments have competed for control of routers, often in prolonged digital tug-of-war. The United States has occasionally issued covert commands and taken steps to disinfect routers, but these actions are little more than whack-a-mole exercises as attackers quickly replace dismantled botnets with new ones. Google and other companies have also worked to disrupt massive botnets, but the phenomenon is constantly evolving. Router compromise remains one of the most insidious threats to global cybersecurity.

Sponsored Protocol

Proxy networks as a go-to tool for hackers

According to the CISA report, actors from FSB Center 16, tracked under names such as Berserk Bear, Energetic Bear, Crouching Yeti, Dragonfly, Ghost Blizzard, and Static Tundra, operate opportunistically. They primarily target home and small office routers with outdated firmware or weak passwords. Once compromised, devices become part of a vast proxy network that obscures malicious activities. This technique makes it difficult to trace attacks and attribute them to specific groups. Authorities recommend regularly updating firmware, changing default passwords, and disabling remote access when not needed.

Sponsored Protocol

For more context on international sanctions against cyber actors, read the article OFAC Sanctions Take Down t.me for Hours, which illustrates a domain block linked to international designations. Additionally, Satya Nadella Warns Companies of Risks in Proprietary AI Models offers insights on protecting sensitive data in an evolving threat landscape.

For more information on the Russian Federal Security Service, see Wikipedia.

Source: https://arstechnica.com/security/2026/07/the-us-government-warns-that-russia-state-hackers-are-coming-after-your-router

> share
Ing. Pietro Maiorana

> AUTHOR_EXTRACTED

Ing. Pietro Maiorana

Ingegnere informatico e co-fondatore di Meteora Web, CMO dell'agenzia. Esperto di marketing digitale, social media, advertising, copywriting e SEO.
[ Read Full Dossier ]

> METEORA_WEB // DIGITAL AGENCY

We build the digital presence your business deserves.

Websites, social media, online advertising, e-commerce and high-performance hosting, engineered with method by computer engineers in Sciacca, for all of Italy.

> MW_JOURNAL

> READ_ALL()