"Don't mess with our elections" message with American Flag image left by Hackers attacking 200K Vulnerable Routers
Ever since the presidential election in the USA has had speculative information on whether the election cycle was hacked, there has been a looming concern all over the world wondering if the latest and greatest hacker group will attack future elections in many countries. In a recent attack, hackers targeted nearly 200,000 router switches only to leave a message on affected computers displaying the American Flag with a note warning, "Don't mess with our elections." Iran was one of the many targets in what has been reported to be aimed at many countries, including Iran.
Not only was the hacker attack on Iranian computers one that looked to warn Iran over hacking US elections, but it knocked out Internet service for subscribers who utilize the attacked routers across many countries. Allowing the attack was a vulnerability discovered in Cisco routers. Ironically, the weakness within the Cisco routers was one that was originally patched but many of the updates failed to install over the Iranian new year holiday.
A blog post made by Cisco's Talos Security Intelligence and Research Group said: "Several incidents in multiple countries, including some specifically targeting critical infrastructure, have involved the misuse of the Smart Install protocol. As a result, we are taking an active stance, and are urging customers, again, of the elevated risk and available remediation paths."
The hacker message was made clear and shared on Twitter by Iran's IT Minister Mohammad Javad Azari-Jahromi. Clearly, as seen in his Tweet, an American Flag image formed in text characters along with the message said: "Don't mess with our elections." The official tweet has been posted below.
بررسیهای اولیه حاکی از آن است که در تنظیمات مسیریابهای مورد حمله قرار گرفته، با حک پرچم ایالت متحده، اعتراضی درباره انتخابات آمریکا صورت گرفته است. دامنه حملات فراتر از ایران است. منشا حملات در دست بررسی است pic.twitter.com/L8erHB52j1
— MJ Azari Jahromi (@azarijahromi) April 6, 2018
Apparently, by a glimpse of the hacker message found on systems where a Cisco router vulnerability was leveraged, the hackers almost claim to be Americans who are warning Iranians not to mess with any upcoming election cycle. Thus far, the attack has affected India, Europe, China, Russia, and the United States. Even though countries outside of Iran has systems hit by the hacker attack, upwards of 3,500 of the router switched hit were in Iran and then widespread throughout other countries with 55,000 devices hit in the United Sates, and 14,000 hit in China alone.
So far, officials are not certain who carried out the attack. Fortunately, as reports have come in from state-run IT organizations, the attack was neutralized within hours and no data was lost. Still, the attack begs to remind us all of the imminent hacker attacks on elections that could once again stir the emotions of legally voting citizens in many countries around the world. Could this recent attack be the first of many to warn election meddlers who look to attack the next US election cycle? For now, all we can do is speculate and await the next warning from hackers who look to be on either side of the aisle.