FORT MEADE, Md. (July 13, 2026) — Today, the National Security Agency (NSA), in collaboration with partners, is releasing a Cybersecurity Advisory (CSA), “Improve Router Hygiene to Protect Against Russian State-Sponsored Targeting,” warning device owners of threats posed to critical infrastructure sector networks by Russian cyber actors.
The joint CSA details how the Russian Federal Security Service (FSB) Center 16 continues to exploit vulnerable and poorly configured networks. This is an ongoing issue that has impacted various U.S. and foreign networks across multiple sectors, including the Defense Industrial Base, communications, energy, financial services, government facilities and healthcare sectors. NSA and co-sealing agencies emphasize the importance of basic router hygiene as a means for companies and organizations to deter state-level cyber actors.
To proactively defend against these threats, organizations are urged to adopt these top hardening measures:
• Implement Simple Network Management Protocol v3 (SNMPv3)
• Use strong, unique passwords
• Disable Cisco Smart Install
• Block the TFTP, SMI and SNMP protocols at the firewall
• Upgrade software and firmware images to patch vulnerabilities
To provide a comprehensive understanding of the threat, the CSA outlines additional tactics, techniques and procedures that build on the Federal Bureau of Investigation’s (FBI) Public Service Announcement, “Russian Government Cyber Actors Targeting Networking Devices, Critical Infrastructure.” Device owners and network defenders are urged to review the CSA and implement mitigation and remediation actions to protect against Russian government-sponsored exploitation.
Co-sealing agencies include the Cybersecurity and Infrastructure Security Agency, FBI, Department of Defense Cyber Crime Center, Australian Signals Directorate’s Australian Cyber Security Centre, Communication Security Establishment Canada’s Canadian Centre for Cyber Security, New Zealand National Cyber Security Centre, United Kingdom National Cyber Security Centre, Czech Republic National Cyber and Information Security Agency, Danish Defence Intelligence Service, Estonian Foreign Intelligence Service, Estonian Information System Authority, Finnish Defence Intelligence, Finnish Security and Intelligence Service, French National Cybersecurity Agency, Italian External Intelligence and Security Agency, Italian Internal Intelligence and Security Agency, The Military Counterintelligence Service of Poland, and Sweden National Cyber Security Centre.
Additional Resources
•
Read the full report.
•
Visit our full library for more cybersecurity information and technical guidance.
About the National Security Agency
Founded in 1952, NSA is a U.S. Department of War combat support agency and element of the U.S. Intelligence Community. The Agency’s mission is to provide foreign signals intelligence to policy makers and our military, and to prevent and eradicate cybersecurity threats to U.S. National Security Systems, with a focus on the Defense Industrial Base and the improvement of U.S. weapons security. From protecting U.S. warfighters around the world to enabling and supporting operations on land, in the air, at sea, in space, and in the cyber domain, NSA is committed to building public trust through transparency and protecting civil liberties and privacy consistent with our nation’s values.