PaymentsJournal

Russian Hackers Infiltrate Old, Unpatched Systems

By Tom Nawrocki
August 21, 2025
in Analysts Coverage, Fraud & Security

The FBI has issued a warning about Russian hackers who have been infiltrating thousands of networking devices associated with critical infrastructure IT systems. The gang has been leveraging a vulnerability in older Cisco software in its attacks.

Cisco Talos, Cisco’s threat intelligence organization, said the group attacked organizations in telecommunications, higher education, and manufacturing sectors across North America, Asia, Africa, and Europe. Rather than issuing ransomware demands, the hackers chose victims based on their “strategic interest” to Russia.

According to the Cisco Talos blog, the hacking group is Static Tundra, a Russian state-sponsored cyber espionage group that supports Russia’s long-term intrusion campaigns into organizations of strategic interest to the government. Their goal is to extract “device configuration information en masse, which can later be leveraged as needed based on then-current strategic goals and interests of the Russian government.”

“Attacks from Russia are nothing new, but critical infrastructure is at heightened risk during times of geopolitical unrest, especially from adversaries such as Russia, Iran, and China,” said Tracy Goldberg, Director of Cybersecurity at Javelin Strategy & Research. “Recent negotiations between Russia and the U.S., as part of efforts to end the war in Ukraine, could tip the cybersecurity scales in either direction, meaning critical infrastructure industries, like the industrial and financial sectors, in particular, should be on heightened alert.”

Long-Term Missions

The investigation into the attacks shows how long-term the group's plans were. Static Tundra has been around for more than a decade and has been able to maintain access to its targets for years without detection.

In the recently discovered attacks, the hackers would modify configuration files to enable unauthorized access to those devices, then use that access to conduct reconnaissance in the victim networks. They seemed to be especially interested in protocols and applications associated with industrial control systems.

Exploiting Old Vulnerabilities

To get this access, the hackers exploited a seven-year-old vulnerability in Cisco IOS software. Although the vulnerability was detected and resolved years ago, the group targeted unpatched and end-of-life network devices to steal configuration data and establish persistent access.

“Most of the vulnerabilities exploited by cyber adversaries, such as Russia, are easily mitigated via the adoption and enforcement of zero-trust policies and regular network and software vulnerability testing and patching,” Goldberg said. “Financial institutions, in particular, should be using the third and fourth quarters of 2025 to revisit and test their disaster-recovery planning playbooks, to ensure cyberthreat response is adequately addressed.”

Tags: Cisco, Cybersecurity, FBI, Hackers, Russia
