FBI Probes Cyber Intrusion; US Disrupts Botnets; CISA Warns on Energy, Cisco SD-WAN Exploits
cybernews.com • Thursday, February 12, 2026 • 26-900 Kozienice, Poland

The FBI is investigating suspicious cyber activity on a system containing sensitive surveillance information, while the US Justice Department has disrupted four botnets used for DDoS attacks. CISA has also issued warnings regarding vulnerabilities in the energy sector, stemming from a Polish cyberattack, and ongoing exploitation of Cisco Catalyst SD-WAN products. These incidents highlight the persistent and evolving cyber threats facing both government and critical infrastructure sectors.

## Latest Update

The US Justice Department announced the disruption of four botnets—Aisuru, KimWolf, JackSkid, and Mossad—that had infected over 3 million devices worldwide and were used to conduct DDoS attacks, including against Department of Defense (DoD) websites. The operation involved international cooperation to seize control of the botnet infrastructure.

## Timeline

* **2026-02-12:** CISA advised the US energy sector to change default passwords following cyberattacks on Polish energy suppliers that exploited weak security measures.
* **2026-02-25:** CISA, NCSC, and other Five Eyes partners warned of mass exploitation of vulnerabilities in Cisco Catalyst SD-WAN products by a sophisticated threat actor, UAT-8616.
* **2026-03-05:** The FBI began investigating suspicious cyber activity on an internal system containing sensitive surveillance information and isolated the system.
* **2026-03-20:** The US Justice Department announced the disruption of four malicious botnets that had infected over 3 million devices worldwide and targeted DoD websites.

## What to Watch

* Further details on the scope and nature of the FBI cyber intrusion, and any potential impact on surveillance operations.
* Continued exploitation of Cisco SD-WAN vulnerabilities and the emergence of new attack vectors targeting critical infrastructure.
* Potential for retaliatory cyber actions following the botnet disruption, and the identification of the actors behind these botnets.