Cisco, Juniper, Fortinet, and MikroTik devices allegedly rebooted or disconnected during the conflict.
When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works .
Iranian state media has alleged that equipment from Cisco, Juniper, Fortinet, and MikroTik failed during U.S. and Israeli military operations against Iran. The report, which claims that “American ‘black boxes’ failed at zero hour of the attack on Isfahan,” concerns devices that Iran claims either rebooted or dropped offline despite the country having already been disconnected from the global Internet, a fact it says "indicates deep sabotage."
Iranian media speculates that hidden firmware or backdoors allowed remote sabotage, possibly triggered by satellite or at a pre-set time. None of the claims has been independently verified, and given that the claims originate from state media, some skepticism is merited.
Meanwhile, the U.S. hasn’t addressed Iran's specific allegations, but has publicly confirmed that it conducted cyber operations against Iran's communications infrastructure. Chairman of the Joint Chiefs of Staff, General Dan Caine, said during a March 2nd Pentagon briefing that U.S. Cyber Command and U.S. Space Command were the “first movers” in so-called Operation Epic Fury, the military campaign launched against Iran at the end of February. Caine said coordinated space and cyber operations disrupted Iranian communications and sensor networks before strikes began.
You may like US cybersecurity agency issues an urgent alert as Iranian hackers attack critical infrastructure Iran hacking group claims attack on med-tech company Stryker Iran's forced nationwide internet blackout becomes second-longest on record as it passes 1,000 hours offline Iran’s claims are unverified, but each of the four vendors it named — Cisco, Juniper, Fortinet, and MikroTik — has a documented record of security issues. NSA documents leaked by Edward Snowden in 2014, for example, demonstrated the agency’s Tailored Access Operations unit intercepting Cisco routers during shipping and installing surveillance implants before repackaging them. Cisco never cooperated with the program and later began shipping equipment to decoy addresses to disrupt interception.
Juniper Networks, in 2015, meanwhile, disclosed that it had found unauthorized code in the ScreenOS firmware running on its NetScreen firewalls, which could allow attackers to bypass authentication and decrypt VPN traffic. Fortinet acknowledged in 2016 that older versions of FortiOS contained hardcoded SSH passwords granting remote access, though it characterized the problem as a management authentication issue. As for MikroTik, its routers have been a persistent target for botnet operators , with Tenable documenting a vulnerability chain in 2019 that could enable an attacker to downgrade firmware and create a persistent backdoor.
Chinese state media seized the opportunity to pile on Iran’s claims, with the country’s National Computer Virus Emergency Response Center, which has repeatedly claimed that the U.S. fabricated the Volt Typhoon hacking campaign to deflect from its own cyber operations, promoted the allegations as further evidence of American backdoors in networking hardware. Five Eyes intelligence agencies have attributed Volt Typhoon to Chinese state-sponsored actors targeting Western critical infrastructure.
Iran's Internet, meanwhile, has been largely offline for 52 consecutive days , with connectivity having sat at roughly 1% of pre-war levels since strikes began on February 28, making it the longest nationwide internet shutdown on record.
Get Tom's Hardware's best news and in-depth reviews, straight to your inbox.
Key considerations
- Investor positioning can change fast
- Volatility remains possible near catalysts
- Macro rates and liquidity can dominate flows
Reference reading
- https://www.tomshardware.com/tech-industry/cyber-security/SPONSORED_LINK_URL
- https://www.tomshardware.com/tech-industry/cyber-security/iran-claims-us-exploited-networking-equipment-backdoors-during-strikes#main
- https://www.tomshardware.com
- Voyager 1 gets emergency instrument shutdown to solve escalating power crisis and give it ‘about a year of breathing room’ — interstellar spacecraft's nuclear p
- Congress moves to strip the DoC of chip-export discretion with the MATCH Act — DUV lithography machines among those targeted in chipmaking tool crackdown
- Autonomous AI at Scale: Adobe Agents Unlock Breakthrough Creative Intelligence With NVIDIA and WPP
- Polymega Remix can digitize retro games for Windows 11 PCs and handhelds, USB peripheral accepts games CDs, cartridges — $199 units finally ship next month foll
- Blowing Off Steam: How Power-Flexible AI Factories Can Stabilize the Global Energy Grid
Informational only. No financial advice. Do your own research.