Thursday 26 May 2022

Protect Your Firm From CIA’s Cherry Blossom



According to new documents published by WikiLeaks, the United States’ Central Intelligence Agency (CIA) has been building and maintaining a host of tools to access the networked activities of organisations America wishes to track. WikiLeaks has published new documents describing a program called Cherry Blossom.

The router is the front gate of every network connected to the Internet. Even if there is a firewall at the gateway, a compromised router opens a window through which all the activity on that network can be monitored. Generally, in an organisation, routers are the least cared-for devices, and they are rarely updated to the current firmware. This creates a big loophole and a high possibility of their security being compromised from outside. An outsider can thus gain access to all the networked activities of the organisation.

Cherry Blossom is capable of exploiting software and monitoring the target's Internet activity, such as the traffic that passes through commonly used Wi-Fi devices in private and public places. The victims are mostly small and medium-sized companies as well as enterprise offices.

The program uses a modified version of a given router’s firmware to turn it into a surveillance tool. Once in place, Cherry Blossom lets a remote agent monitor the target’s internet traffic, scan for useful information like passwords and even redirect the target to the desired website.

Cherry Blossom compromises wireless devices and uses a man-in-the-middle attack to monitor, control and manipulate the Internet traffic of connected users. Once a device has been infected successfully, the tool can inject malicious content into the traffic stream to exploit vulnerabilities in the target.

When the malicious program has compromised the target, the router access point will get compromised, too. It will communicate over the Internet to a command-and-control server referred to as the Cherry Tree.

According to a secret document of the CIA, the key element of the Cherry Blossom system is the implanted device called Flytrap. It acts as a wireless access point (AP), router, or another device that has been implanted with Cherry Blossom firmware. Flytraps execute missions to detect and exploit targets.

Cherry Blossom is another skeleton tumbling out of CIA’s closet. It was designed for numerous devices including wireless routers from Cisco, D-Link, Belkin and Linksys. A complete list of affected models can be found here.

Cherry Blossom firmware can be installed on devices even without physical access to them. It can run undetected in the same environment, giving the exploiter complete control over, and access to, all the activities happening in the targeted organisation.

To be safe, organisations should keep their routers’ firmware updated and always keep the routers behind a firewall. All ports that are of no use to the organisation should be blocked. External should be monitored and rules should be set accordingly.
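One way to put the monitoring advice into practice, given that an implanted router has to talk to its command-and-control server: review egress firewall logs for connections that originate from the router itself to destinations it has no reason to reach, and check whether they recur at a regular interval. This is an added example, not code from the article or from the leaked documents; the log format, the addresses, the allowlist and the function names are all assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed sample egress log: "epoch_seconds src_ip dst_ip dst_port".
# Addresses are private/documentation ranges, not real indicators.
SAMPLE_LOG = """\
1000 192.168.1.1 192.0.2.53 53
1010 192.168.1.20 198.51.100.7 443
1300 192.168.1.1 203.0.113.50 443
1500 192.168.1.1 198.51.100.99 80
1600 192.168.1.1 203.0.113.50 443
garbled line that should be skipped
1905 192.168.1.1 203.0.113.50 443
2200 192.168.1.1 203.0.113.50 443
"""

ROUTER_IPS = {"192.168.1.1"}  # assumed: the router/AP's own addresses
# Assumed: the only services the router is configured to use (DNS, NTP).
ALLOWED = {("192.0.2.53", 53), ("192.0.2.123", 123)}

def parse(log):
    """Yield (ts, src, dst, port) tuples, skipping malformed lines."""
    for line in log.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue
        try:
            ipaddress.ip_address(parts[1])
            ipaddress.ip_address(parts[2])
            yield int(parts[0]), parts[1], parts[2], int(parts[3])
        except ValueError:
            continue

def router_egress_findings(log, min_hits=3, jitter=0.2):
    """Report router-originated flows outside the allowlist, flagging regular intervals."""
    seen = defaultdict(list)
    for ts, src, dst, port in parse(log):
        if src in ROUTER_IPS and (dst, port) not in ALLOWED:
            seen[(src, dst, port)].append(ts)
    findings = []
    for (src, dst, port), times in sorted(seen.items()):
        times.sort()
        gaps = [b - a for a, b in zip(times, times[1:])]
        periodic = False
        if len(times) >= min_hits:
            mean = sum(gaps) / len(gaps)
            periodic = mean > 0 and all(abs(g - mean) <= jitter * mean for g in gaps)
        findings.append({"src": src, "dst": dst, "port": port,
                         "count": len(times), "periodic": periodic})
    return findings

if __name__ == "__main__":
    for finding in router_egress_findings(SAMPLE_LOG):
        print(finding)
```

A finding is only a lead for investigation: a legitimate firmware update check or cloud management service will also appear until it is added to the allowlist.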



Sourav Mishra
Country Head at Panda Security, past life regression therapist
