The FBI’s Internet Crime Complaint Center (IC3) has issued a warning about ongoing cyber threats from Russian government-backed hackers, specifically those tied to the Russian Federal Security Service’s (FSB) Center 16, also known as “Berserk Bear” or “Dragonfly.” These actors are exploiting outdated networking equipment and protocols, including an old Cisco Smart Install vulnerability (CVE-2018-0171) and Simple Network Management Protocol (SNMP), to infiltrate critical infrastructure systems in the U.S. and abroad. Over the past year, they have accessed thousands of networking devices, altered configurations to gain unauthorized access, and conducted reconnaissance targeting industrial control system protocols. These tactics continue a decade-long campaign of exploiting legacy and insecure devices. For more information and technical details, refer to the Russian State-Sponsored Cyber Actors Alert published by CISA in April 2018, which still contains relevant information, as well as CISA’s Primary Mitigations to Reduce Cyber Threats to Operational Technology fact sheet and Cisco Talos’ August 2025 Threat Analysis.