The Daily Patch
Back to News
vulnerability🌐InternationalSecurity Affairs

Russian state hackers targeted Western critical infrastructure for years, Amazon says

Wednesday, December 17, 2025

Russian state hackers targeted Western critical infrastructure for years, Amazon says

What

Russian state-sponsored hackers conducted a years-long campaign against Western critical infrastructure, evolving their tactics from exploiting vulnerabilities to abusing misconfigured network devices for credential harvesting and persistent access.

Where

Targets included energy providers and critical infrastructure across North America, Europe, and the Middle East.

When

The campaign spanned from 2021 to 2025.

Key Factors

  • Shift from exploiting vulnerabilities to abusing misconfigured network edge devices.
  • Targets included routers, VPNs, and cloud services, particularly in the energy sector.
  • Persistent access was maintained through credential harvesting and replay attacks.

Takeaways

  • Organizations must prioritize the secure configuration of network devices to prevent exploitation.
  • The shift in tactics indicates a need for adaptive security measures against evolving threats.
  • Regular audits and monitoring of network configurations are essential to mitigate risks.

Reported by 2 Sources

USSecurity AffairsCSO Online

Similar News

Over 10K Fortinet Firewalls Exposed to Actively Exploited 2FA Bypass

Over 10K Fortinet Firewalls Exposed to Actively Exploited 2FA Bypass

Kimwolf Botnet Exploits Residential Proxies to Infiltrate Home Networks

Kimwolf Botnet Exploits Residential Proxies to Infiltrate Home Networks

RondoDox Botnet Exploits Critical React2Shell Flaw in Next.js Servers

RondoDox Botnet Exploits Critical React2Shell Flaw in Next.js Servers

IBM API Connect Critical Authentication Bypass Disclosed

IBM API Connect Critical Authentication Bypass Disclosed