Tuesday 14 July, 2026
[email protected]
Resilience Media
  • News
    • Events
    • Interview
    • Startups
    • Venture
    • Weekly Digest
  • Resilience Conference
    • Resilience Conference Warsaw 2026
    • Resilience Conference Copenhagen 2026
    • Resilience Conference London 2026
  • About
  • Guest Posts
    • Author a Post
  • Subscribe
No Result
View All Result
  • News
    • Events
    • Interview
    • Startups
    • Venture
    • Weekly Digest
  • Resilience Conference
    • Resilience Conference Warsaw 2026
    • Resilience Conference Copenhagen 2026
    • Resilience Conference London 2026
  • About
  • Guest Posts
    • Author a Post
  • Subscribe
No Result
View All Result
Resilience Media
No Result
View All Result

UK and allies warn defence sector over Russian campaign targeting internet-facing routers

Joint advisory says FSB operators are exploiting weakly secured network devices to gain footholds inside critical infrastructure

Carly PagebyCarly Page
July 13, 2026
in News
black corded electronic device
Share on Linkedin

The UK and 18 international partners have warned organisations across the defence sector to strengthen the security of internet-facing network devices after identifying sustained efforts by Russian intelligence operatives to compromise critical infrastructure through poorly protected routers.

You Might Also Like

NATO DIANA selects ten innovators for its decision superiority challenge

Auterion to equip 50,000 Ukrainian strike drones with precision guidance tech

Helsing is now Europe’s biggest defence tech startup, raising $1.8B at an $18B valuation

The advisory, published by the National Cyber Security Centre (NCSC) alongside agencies including the US National Security Agency (NSA), CISA, and counterparts across Europe, Australia, and New Zealand, details the tactics used by Centre 16 of Russia’s Federal Security Service (FSB). Better known to many by names including “Berserk Bear”, “Energetic Bear”, and “Dragonfly”, the group has spent years targeting organisations that underpin national security and critical services.

While communications, energy, government, healthcare, and financial services all feature prominently in the warning, defence organisations are among those singled out as being at particular risk from the campaign.

Rather than relying on previously unknown vulnerabilities, Centre 16 has been exploiting internet-facing devices that remain configured with weak or default Simple Network Management Protocol (SNMP) community strings, alongside known flaws affecting Cisco equipment, Cisco’s Smart Install feature, and exposed web management portals.

The advisory says the group trawls the public internet looking for routers it can compromise before using them as a way into wider networks. Once inside, operators can learn how a network is put together, collect credentials, watch traffic moving across it and quietly expand their access over time.

Its publication coincided with a broader UK effort to call out Russian cyber activity. Ministers announced sanctions against 24 individuals and organisations linked to Moscow’s cyber and hybrid campaigns, while the UK and EU member states also formally attributed the attempted December 2025 cyberattack against Poland’s energy grid to FSB Centre 16.

“The NCSC, alongside our international partners, have repeatedly exposed the advanced tools and coordinated campaigns of Russian cyber actors who persistently seek to exploit any vulnerability they encounter,” said Jonathon Ellison, the NCSC’s Director of National Resilience, adding that organisations responsible for critical networks should implement the advisory’s recommendations “immediately”.

Those recommendations focus on strengthening the security of network infrastructure rather than deploying new defensive technologies. Organisations are advised to disable legacy SNMP versions in favour of SNMPv3, replace default credentials with unique passwords, restrict access to management interfaces, remove unnecessary services, and replace unsupported network hardware. The NCSC is also encouraging organisations to adopt Cyber Essentials and use the updated Cyber Assessment Framework to assess and improve their cyber resilience.

For defence organisations, the advisory serves as another reminder that sophisticated state-backed espionage does not always begin with sophisticated exploits. 

Tags: CybersecurityNCSCRussiauk government
Previous Post

Helsing is now Europe’s biggest defence tech startup, raising $1.8B at an $18B valuation

Next Post

Auterion to equip 50,000 Ukrainian strike drones with precision guidance tech

Carly Page

Carly Page

Carly Page is a freelance journalist and copywriter with 10+ years of experience covering the technology industry, and was formerly a senior cybersecurity reporter at TechCrunch. Bylines include Forbes, IT Pro, LeadDev, The Register, TechCrunch, TechFinitive, TechRadar, TES, The Telegraph, TIME, Uswitch, WIRED, & more.

Related News

Deterrence lies in production capacity and cognitive warfare

NATO DIANA selects ten innovators for its decision superiority challenge

byJohn Biggs
July 13, 2026

NATO’s Defence Innovation Accelerator for the North Atlantic, or DIANA, has selected ten companies to take part in its Decision...

Silhouette of a drone in flight against a orange sunset sky.

Auterion to equip 50,000 Ukrainian strike drones with precision guidance tech

byPaul Sawers
July 13, 2026

Ukraine's drone war has always come down to volume and accuracy — get enough systems onto the battlefield, and get...

Helsing launches Area 9 research unit and unveils European robotics platform

Helsing is now Europe’s biggest defence tech startup, raising $1.8B at an $18B valuation

byIngrid Lunden
July 13, 2026

Helsing, the defence tech company out of Germany, today cemented its position as Europe's most valuable privately-held startup in the...

Kinetic disinformation and AI-scaled campaigns are the new faces of hybrid warfare

byStanislaw Naklicki
July 12, 2026

Disinformation components in kinetic Russian operations in Ukraine and Europe, along with the proliferation of AI capabilities, mean that the...

Nokia, NestAI combine 5G, AI, and sensing for constant battlefield connectivity

Nokia, NestAI combine 5G, AI, and sensing for constant battlefield connectivity

byJohn Biggs
July 10, 2026

Two Finnish companies, Nokia and NestAI, have announced the first products built through their 2025 partnership. The systems, which connect...

SFC Energy’s fuel cells are headed to Ukraine to supply troops with instant electricity

SFC Energy’s fuel cells are headed to Ukraine to supply troops with instant electricity

byJohn Biggs
July 10, 2026

https://youtu.be/EkWlOo8cEFs German fuel cell company SFC Energy recently announced that they are delivering approximately €42 million worth of combat-proven fuel...

Dispatches from Estonia: Quantum Systems moves in

Dispatches from Estonia: Quantum Systems moves in

byFiona Alston
July 10, 2026

Following its acquisition of Estonian intelligence software company SensusQ, Quantum Systems is opening an official office for Estonian operations in...

man in green and brown camouflage uniform holding black rifle

British Army bets £2B on AI-driven training overhaul

byCarly Page
July 10, 2026

The Ministry of Defence has awarded a £2 billion contract to deliver a new AI-enabled training system for the British...

Load More
Next Post
Silhouette of a drone in flight against a orange sunset sky.

Auterion to equip 50,000 Ukrainian strike drones with precision guidance tech

Deterrence lies in production capacity and cognitive warfare

NATO DIANA selects ten innovators for its decision superiority challenge

Most viewed

InVeris announces fats Drone, an integrated, multi-party drone flight simulator

Uforce raises $50M at a $1B+ valuation to build defence tech for Ukraine

Auterion, the drone software startup, eyes raising $200M at a $1.2B+ valuation

Palantir and Ukraine’s Brave1 have built a new AI “Dataroom”

Twentyfour Industries emerges from stealth with $11.8M for mass-produced drones

Senai exits stealth to help governments harness online video intelligence

Resilience Media is an independent publication covering the future of defence, security, and resilience. Our reporting focuses on emerging technologies, strategic threats, and the growing role of startups and investors in the defence of democracy.

  • About
  • News
  • Resilence Conference
    • Resilience Conference Copenhagen 2026
    • Resilience Conference Warsaw 2026
    • Resilience Conference 2026
  • Guest Posts
  • Subscribe
  • Privacy Policy
  • Terms & Conditions
  • Mission Statement & Code of Practice
  • Press

© 2026 Resilience Media

No Result
View All Result
  • Home
  • About
  • Subscribe
  • Events
  • Guest Posts
  • Interview
  • News
  • Resilience Conference London 2026
  • Resilience Conference Copenhagen 2026
  • Resilience Conference Warsaw 2026

© 2026 Resilience Media

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.