The Iranian government on Saturday said hackers attacked networks in multiple countries– including data centers in Iran– where they left the image of an American flag along with a warning “Don’t mess with our elections.”
IRNA, Iran’s official news agency, said the attack apparently affected 200,000 router switches across the world, including 3,500 in Iran, Reuters reported.
Iran’s IT Minister Mohammad Javad Azari-Jahromi shared a photograph on Twitter showing an infected computer’s screen with the U.S. flag and the hackers’ warning.
He said on social media that the state’s computer emergency response unit had shown “weaknesses in providing information to (affected) companies” following the hack that was first noticed on Friday in Iran.
The attack reportedly cut off web access for subscribers. The ministry said such attack was possible due to a vulnerability in routers from Cisco, a U.S. technology company that warned about possible cyber-attacks last week.
“Several incidents in multiple countries, including some specifically targeting critical infrastructure, have involved the misuse of the Smart Install protocol,” wrote Nick Biasini, a threat researcher at Cisco, noting that the attacks “are believed to be associated with nation-state actors.”
He added: “As a result, we are taking an active stance, and are urging customers, again, of the elevated risk and available remediation paths.”
The technology company issued an update preventing the attacks but some users reportedly failed to apply the update.
It remains unclear who carried out the attack. No data was reportedly lost and the hack was defused within hours. The Iranian ministry said the hack affected Europe, India, and the United States, according to state television.
“Some 55,000 devices were affected in the United States and 14,000 in China, and Iran’s share of affected devices was 2 percent,” Iran’s IT minister was quoted as saying by state television, Reuters reported.