• For Enquiry
  • 847-868-9253
  • 847-868-9208
  • Home
  • Why Choose CIO Landing?
    • Our Team
    • Success Stories
    • ‘8 Things’ We Do Better
    • Partners & Certifications
    • Our Services
  • Industry Expertise
    • Manufacturing
    • Medical
    • Education
    • Financial Services
    • Non-Profit
    • Law Firms
  • IT Solutions
    • Co-Managed Service
    • Managed IT Services
    • IT Support
      • On Demand Services
      • Office Moves & Wiring
      • Security
    • Server Management
    • Backup & Disaster Recovery
    • Cloud Services
    • CIO & IT Consulting
    • Cybersecurity Services
    • VoIP
    • Managed Firewall
    • Microsoft 365
      • Microsoft 365 Plans
        • Small Business
        • Enterprise
        • Education
    • Hardware & Software Sales
    • Email & Spam Protection
  • Resources
    • Free Copy Of New Book
    • Blog
    • Newsletter
    • Video Tips
      • Video Tips Archive
    • Free Cloud Report
    • IT Buyers Guide
    • Cybersecurity Crisis Report
    • Network Audit
    • COVID 19 Resources
    • In The NEWS
    • Online Training
  • About Us
    • Our Mission
    • Leadership
    • Teams
    • Referral Program
    • Press Releases
      • CIO Landing: More Than Just an IT
      • Small businesses can have an IT department too
      • CIO Landing, Inc. has joined forces with Banc Certified Merchant Services (BCMS).
    • Affiliations
    • Careers
      • Job Descriptions
    • FAQs
    • Causes We Support
    • Privacy Policy
    • Terms & Conditions
  • Locations
    • Northfield, IL
    • Northbrook, IL
    • Chicago, IL
    • Miami, FL
  • Support
✕
How To Leave A Google Review Without A Gmail Account
August 8, 2022
Secret Twitter Accounts Are Not What You Think
August 10, 2022

Malware Is Targeting Small Office And Home Office Routers

August 9, 2022

Researchers at Lumen’s Black Lotus Labs recently spotted evidence of a highly sophisticated and tightly targeted campaign aimed at SOHO (small office/home office) routers across both Europe and North America.

Based on the evidence the team has collected thus far, their conclusion is that the unidentified actor must be state sponsored. This is because garden variety hackers do not typically have the tools, techniques, and procedures in place to pull off the kinds of attacks that the researchers are seeing.

It is telling that this campaign’s ramp up coincided with the pandemic-fueled shift to large numbers of employees working from home.

A recently published summary report about the campaign reads in part, as follows:

“This (the massive surge in people working from home) gave threat actors a fresh opportunity to leverage at-home devices such as SOHO routers – which are widely used but rarely monitored or patched – to collect data in transit, hijack connections, and compromise devices in adjacent networks.

The sudden shift to remote work spurred by the pandemic allowed a sophisticated adversary to seize this opportunity to subvert the traditional defense-in-depth posture of many well-established organizations.”

The report goes on to say that:

“The capabilities demonstrated in this campaign – gaining access to SOHO devices of different makes and models, collecting host and LAN information to inform targeting, sampling and hijacking network communications to gain potentially persistent access to in-land devices and intentionally stealth C2 infrastructure leveraging multi-stage siloed router to router communications – points to a highly sophisticated actor that we hypothesize has been living undetected on the edge of targeted networks for years.”

This is a genuine threat. Although your IT department is likely stretched as thin as it is, one of the best ways you can minimize your risk is to assist your employees who are working from home with patch planning to make sure their gear is up to date and as well protected as possible.

Share
87
taylor
taylor

Related posts

March 10, 2025

The Hidden Threat: How Gift Card Scams Are Targeting Businesses Like Yours

Read more
February 11, 2025

CIO Landing Named to CRN’s MSP 500 List for 2025—For the Third Year in a Row!

Read more
December 4, 2024

Unlocking the Power of Windows 11: Tips for Maximum Productivity

Read more
© 2025 All Rights Reserved | Powered by CIO Landing