EXECUTIVE SUMMARY:

Leaving American flags and messages on machines in Russia and Iran, hackers put a stake in the ground last Friday, saying, “Don’t mess with our elections.” The vector they chose to carry out their cyberattack was a vulnerability in the Cisco Smart Install Client.

The cyberattack comes on the heels of recent alerts from US Computer Emergency Readiness Team (CERT) and security researchers that have indicated that hackers tied to the Russian government were targeting energy and other critical infrastructure sectors using that same vulnerability. As a result, hackers purportedly decided to send a message, targeting internet providers and data centers. According to Motherboard, the cyberattack was relatively unsophisticated, yet successful.

Iran’s official news agency, IRNA, quoted the Communication and Information Technology Ministry as saying, “The attack apparently affected 200,000 router switches across the world in a widespread attack, including 3,500 switches in our country.” But Reuters reports that the deputy head of the state-run Information Technology Organisation of Iran said the attack was neutralized within hours and no data was lost.

The hackers told Motherboard that they scanned many countries for the vulnerable systems, including the UK, US, and Canada, but only “attacked” Russia and Iran. Their reason: “We were tired of attacks from government-backed hackers on the United States and other countries.”

Get the full story at Motherboard.