• Home
  • News
    • Global Operations
      • Asia
      • Africa
      • Europe
      • Latin America
      • Middle East
      • North America
    • Industry
      • Asia
      • Africa
      • Europe
      • Latin America
      • Middle East
      • North America
      • Oceana
    • Special Interest
      • Asia
      • Africa
      • Europe
      • Latin America
      • Middle East
      • North America
      • Oceana
  • Market
    • Wired to Win
    • SOFX.NET
  • Intelligence
    • USMC Deception Manual
  • Resources
    • Contact Us
    • About Us
    • Editorial Policy
    • Privacy Policy
  • Home
  • News
    • Global Operations
      • Asia
      • Africa
      • Europe
      • Latin America
      • Middle East
      • North America
    • Industry
      • Asia
      • Africa
      • Europe
      • Latin America
      • Middle East
      • North America
      • Oceana
    • Special Interest
      • Asia
      • Africa
      • Europe
      • Latin America
      • Middle East
      • North America
      • Oceana
  • Market
    • Wired to Win
    • SOFX.NET
  • Intelligence
    • USMC Deception Manual
  • Resources
    • Contact Us
    • About Us
    • Editorial Policy
    • Privacy Policy
Login
Join Free
Home
Asia
Africa
Europe
Latin America
Middle East
North America
Asia
Africa
Europe
Latin America
Middle East
North America
Asia
Africa
Europe
Latin America
Middle East
North America
Coming Soon
Job Board
Events
Contact Awards
USMC Deception Manual
Login
Join Free
Home Global Operations

U.S. and Allies Expose Distinct FSB and GRU Cyber Campaigns Targeting Routers

  • SOFX Staff Writer
  • July 15, 2026
(Credit: BreizhAtao / Shutterstock)
Share on FacebookShare on TwitterLinkedIn

The National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and agencies from 12 allied nations released a joint advisory July 13 warning that Russia’s Federal Security Service (FSB) Center 16 is exploiting poorly configured routers and networking devices to breach critical infrastructure networks worldwide.

Russian Federal Security Service (FSB) Center 16 cyber actors continue to exploit poorly configured and vulnerable networking devices worldwide, targeting devices across critical infrastructure sectors. These vulnerabilities can give hostile actors access to the systems that… pic.twitter.com/K5Po1v87Fu

— FBI Phoenix (@FBIPhoenix) July 14, 2026


The advisory attributes the campaign to FSB Center 16, also tracked as Berserk Bear, Ghost Blizzard, and Static Tundra. “This is an ongoing issue that has impacted various U.S. and foreign networks across multiple sectors, including the defense industrial base, communications, energy, financial services, government facilities and health care sectors,” the NSA stated.

The group scans internet-accessible routers for default Simple Network Management Protocol (SNMP) community strings, a protocol used to manage network devices, and also exploits Cisco Smart Install, a legacy unauthenticated configuration feature in network switches.

The FSB advisory follows a separate April 7, 2026 warning from the FBI, NSA, and 15 partner nations attributing a network of compromised small office and home office (SOHO) routers to Russian military intelligence, the General Staff Main Intelligence Directorate (GRU).

The GRU carried out Domain Name System (DNS) hijacking against military and government targets before the Department of Justice disrupted the network. The July advisory covers a distinct FSB operation, showing Russia’s FSB and GRU running independent router campaigns against overlapping targets.

The July 13 advisory coincided with the United Kingdom and European Union’s first joint cyber sanctions package, targeting 24 individuals and entities linked to Russian cyber operations

The UK’s Foreign, Commonwealth and Development Office (FCDO) simultaneously attributed the December 2025 cyberattack on Poland’s power grid to FSB Center 16, calling it “another example of the Russian state’s irresponsible attempts to sow chaos across Europe.”

The attackers attempted to deploy DynoWiper malware to sabotage the grid, an operation that officials warn could have cut heat and power to up to 500,000 consumers if it had succeeded.

SOFX Staff Writer

SOFX Staff Writer

The Editor Staff at SOFX comprises a diverse, global team of dedicated staff writers and skilled freelancers. Together, they form the backbone of our reporting and content creation.

Subscribe
Login
Notify of
guest
guest
0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
ADVERTISEMENT

Trending News

Pentagon Releases Fourth UAP Tranche, Including Space Shuttle Columbia Photographs

Pentagon Releases Fourth UAP Tranche, Including Space Shuttle Columbia Photographs

by SOFX Staff Writer
July 10, 2026
0

The Department of War released 40 previously classified files related to unidentified anomalous phenomena on Friday, adding photographs from a...

Army’s $469M Texas Munitions Plant Fails to Deliver a Single Shell Component

Army’s $469M Texas Munitions Plant Fails to Deliver a Single Shell Component

by SOFX Staff Writer
July 15, 2026
1

A contractor-operated plant in Mesquite, Texas, built to produce 30,000 155mm projectile components per month, has not delivered a single...

U.S.-Iran Conflict Enters Day 3 as Iran Retaliates After U.S. Strikes on 90 Targets

U.S.-Iran Conflict Enters Day 3 as Iran Retaliates After U.S. Strikes on 90 Targets

by SOFX Staff Writer
July 10, 2026
0

Iran launched a new wave of missile strikes against U.S. allies in the Middle East on Thursday in retaliation for...

Viral Video Shows a Russian Gunner Flung From a Runaway Machine Gun

Viral Video Shows a Russian Gunner Flung From a Runaway Machine Gun

by SOFX Staff Writer
July 15, 2026
1

A viral video shows a Russian soldier thrown from a YakB-12.7 rotary machine gun during a training exercise after the...

ADVERTISEMENT
ADVERTISEMENT
Next Post
Army’s $469M Texas Munitions Plant Fails to Deliver a Single Shell Component

Army's $469M Texas Munitions Plant Fails to Deliver a Single Shell Component

France Grants Ukraine Production Licenses for Aster 30, SCALP, and Hammer Systems

France Grants Ukraine Production Licenses for Aster 30, SCALP, and Hammer Systems

997 Morrison Dr. Suite 200, Charleston, SC 29403

News

  • Global Operations
  • Special Interest
  • Industry
  • Global Operations
  • Special Interest
  • Industry

Resources

  • About Us
  • Contact Us
  • Advertise with Us
  • Editorial Policy
  • Privacy Policy
  • About Us
  • Contact Us
  • Advertise with Us
  • Editorial Policy
  • Privacy Policy
No Result
View All Result
  • Home
  • News
    • Global Operations
      • Asia
      • Africa
      • Europe
      • Latin America
      • Middle East
      • North America
    • Industry
      • Asia
      • Africa
      • Europe
      • Latin America
      • Middle East
      • North America
      • Oceana
    • Special Interest
      • Asia
      • Africa
      • Europe
      • Latin America
      • Middle East
      • North America
      • Oceana
  • Market
    • Wired to Win
    • SOFX.NET
  • Intelligence
    • USMC Deception Manual
  • Resources
    • Contact Us
    • About Us
    • Editorial Policy
    • Privacy Policy
Subscribe
This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.

Log in to your account

Lost your password?
wpDiscuz