The network perimeter is dead. Now what?
The National Cyber Security Centre (NCSC)’s recent advisory detailing how the Russian cyber actor APT28’s exploited vulnerable routers to enable DNS hijacking highlights a dangerous blind spot in enterprise security today.
Traditional perimeter-based security models are increasingly failing at the edge, and this should be uncomfortable reading for any security leader still anchoring their strategy to perimeter defense.
This is the same story we saw play out in 2024, when Chinese state sponsored bad actors linked to Volt Typhoon exploited an unpatched, end-of-life FortiGate 300D firewall to compromise a domain admin account, escalate privileges, create a new user, and establish persistence deep enough to survive a device restart.
One unpatched edge device. One breach vector. Total access. The perimeter didn’t just fail; it handed attackers the keys. According to the FBI, this breach remained undetected for over 300 days, and the same exploit was used to gain access to over...
Copyright of this story solely belongs to techradar.com. To see the full text click HERE