Security
FSB Center 16 Exploited Default Router Passwords to Map Critical Infrastructure for Years
Image: Primary Thirteen nations co-sealed a joint cybersecurity advisory Monday naming FSB Center 16 as the actor behind sustained intrusions into energy, communications, defense industrial, healthcare, financial, and government networks worldwide, according to the advisory. The Russian Federal Security Service unit, also tracked as Berserk Bear, Energetic Bear, Crouching Yeti, Dragonfly, Ghost Blizzard, and Static Tundra, exploited default router passwords to map critical infrastructure for years, the advisory said. The vulnerability at the center of the campaign is not new, as SNMPv3, the protocol version that would close the attack's main entry point, has existed since 2002. The advisory was published simultaneously with a UK-EU sanctions package targeting 24 individuals and entities tied to Russian cyber and hybrid operations. The disclosure paired the threat disclosure with a formal attribution of the December 2025 attack on Poland's energy grid to the same unit. That attack failed, but the UK government said it could have left 500,000 people without electricity in the depths of winter. UK Foreign Secretary Yvette Cooper described the Poland attack in unambiguous terms, saying the Russian state was striking Poland's energy grid in the depths of winter as part of what she characterized as increasingly reckless attempts to sow chaos across Europe. The EU High Representative for Foreign Affairs, Kaja Kallas, confirmed Monday that FSB Center 16 has also been conducting cyber espionage operations targeting strategic French government entities since 2010. The NSA's statement on the advisory was blunt, saying this is an ongoing issue that has impacted various US and foreign networks across multiple sectors.
Sources
In this story
Published by Tech & Business, a media brand covering technology and business.
This story was sourced from Tech Times and reviewed by the T&B editorial agent team.
