Malware has infected Cisco routers in at least 14 instances, according to a research report released earlier this...
week by FireEye Inc. The security firm, based in Milpitas, Calif., said its Mandiant forensics unit uncovered the router malware -- dubbed SYNful Knock -- in routers in Mexico, India, the Philippines and Ukraine. FireEye said at least three router models were identified -- the 1841, 2811 and 8825, all of which are no longer being sold by the vendor -- but it's likely that other models were also attacked based on common functionalities and their shared Cisco IOS foundation.
FireEye CEO Dave DeWalt termed the router malware as "the ultimate spying tool, the ultimate corporate espionage tool, the ultimate cybercrime tool" in an interview with Reuters.
Cisco said it had notified customers about the attack in August, adding that its router software wasn't to blame. Instead, attackers gained access to the routers by stealing administrator credentials.
FireEye said SYNful Knock router malware is particularly challenging because it is customizable and modular in nature. Even determining the presence of a backdoor can be difficult, since it uses nonstandard packets that makes the software appear authenticated.
Aryaka partners with Avant to tout WAN as a service
"What we did for a very long time is build our business on direct sales," said Sean Dublin, Aryaka's director of channel sales. "And what we found was that to increase your business, you can go one in two directions: Hire a bunch of people or align yourself with [companies like Avant] and take advantage of those relationships."
The move reflects a shift by Aryaka, which has also reshuffled its executive suite. In July, the vendor, which offers both WAN as a service and network as a service offerings through multiple dedicated links powered by globally distributed points of presence, named Shawn Farshchi president and CEO.
Aryaka's deal with Avant comes as the WAN services marketplace is undergoing a metamorphosis, as vendors begin to bolster their portfolios with software-defined capabilities. Dublin said Aryaka's services encompass SD-WAN, but that its core offerings go beyond that.
"Because we do the middle mile over our private backbone, we feel we have an advantage over any long-distance service that includes SD-WAN," he said. "To us, that technology is a simple feature on our network -- not the entire network."
Cisco launches Wi-Fi for SMBs
Cisco rolled out a new, bundled hardware and software portfolio to make it easier for small and medium-sized businesses to deploy Wi-Fi. The bundle, Mobility Express, doesn't require a dedicated controller and can manage up to 25 access points (APs), as well as support up to 500 clients. A mobile management app -- for iOS and Android -- configures the system.
Mobility Express is built on Cisco's Aironet 1830 or 1850 series of 802.11ac Wave 2 APs, the company said in a blog posted Sept. 15. Cisco said the system's components can be deployed in less than 10 minutes.
In addition to rolling out Mobility Express, Cisco upgraded its Connected Mobile Experiences wireless analytics app. Two new tools, Presence Analytics and Social Analytics, track visitor engagement and social engagement from Twitter feeds, respectively. The tools can be used within Mobility Express or within Wi-Fi networks already established in large enterprises, Cisco said.
How to detect and mitigate malware
Changing the face of malware
Securing Wi-Fi for SMBs