Russian state-sponsored advanced persistent threat (APT) groups, including Berserk Bear and Energetic Bear, are actively targeting network devices, particularly routers, to compromise critical infrastructure worldwide1. These groups, linked to the FSB Center 16, have been scanning and exploiting vulnerabilities in poorly secured devices to gain access to organizations in various sectors, including communications, defense, and healthcare. The US and allied governments have issued warnings about these threats, highlighting the need for enhanced security measures to protect network devices. The targeted sectors are diverse, ranging from energy and finance to government and healthcare, indicating a broad scope of potential impact. This state-aligned activity shifts the threat model from traditional criminal activity to a geopolitical one, requiring a different approach to mitigation and response. This matters to cybersecurity practitioners because it necessitates a revised threat assessment and strategy to counter the unique tactics and motivations of nation-state actors.
US and allied Governments’ Recommendations: Securing Network Devices Against Russian APT Groups
⚠️ Critical Alert
Why This Matters
State-aligned activity involving Russia shifts the threat model from criminal to geopolitical — different playbook required.
References
- SecurityAffairs. (2026, July 15). US and allied Governments’ Recommendations: Securing Network Devices Against Russian APT Groups. SecurityAffairs. https://securityaffairs.com/195448/apt/us-and-allied-governments-recommendations-securing-network-devices-against-russian-apt-groups.html
Original Source
SecurityAffairs
Read original →