Flaw in Cisco Switches Leads to Attacks on Critical Infrastructure

Today’s topics include a flaw in Cisco switches that allows hackers to attack critical infrastructure, and the sentencing and fining of TERiX’s CEO for his role in his company’s Oracle IP fraud.

Attackers are taking aim at critical infrastructure in multiple countries by exploiting a software flaw in some Cisco switches that has been a point of concern for more than a year.

According to a blog post last week by Cisco’s Talos security unit, the cyber-attacks are exploiting what Cisco officials are calling a “protocol misuse” situation in Cisco’s Smart Install Client, which is designed to enable the no-touch installation and deployment of new Cisco hardware, in particular Cisco switches.

The Talos unit is blaming nation-states for the bulk of these attacks, saying they are similar to those detailed in a release last month by US-CERT, which alleged that hackers associated with the Russian government were targeting U.S. government agencies and organizations in such critical areas as nuclear, water, aviation, energy, commercial facilities and manufacturing.

The co-owner and CEO of TERiX Computer was sentenced in U.S. District Court last week for his role in fraudulently obtaining more than $10 million worth of intellectual property from Oracle, the world’s largest database maker.

Sixty-six-year-old Bernd Appleby, of San Jose, Calif., was sentenced by a senior U.S. District judge of the Ohio Southern District to 24 months in prison and two years of supervised release and was ordered to pay a $100,000 fine.

In June 2015, Oracle obtained a $58 million judgment against TERiX for copyright infringement based on TERiX’s theft of patches and updates to Oracle’s UNIX-based Solaris operating system. TERiX describes itself as providing “vendor-neutral support for servers, storage and networking hardware and UNIX operating systems in the U.S. and 56 countries.”