Was yesterday's fall of Rostelecom a cyber attack?



First, a question: if you worked at Rostelecom and found out that, as Biden promised a few days ago, a cyberattack had been carried out on Russia, and that you had missed it because of outdated equipment, would you announce it publicly? What should the response of Rostelecom and the state be if this were true? Poll at the end of the article.



None of the comments I managed to read discussed this version, even though it suggests itself, so I cannot help but share a message from C.ber ... g.me (the name is written this way so as not to be considered an advertisement, though not referring to the authors at all would be dishonest), one that was also spread by experts of one highway think tank:



A few words about yesterday's fall of state and some other sites.



You have probably already seen messages from anonymous sources that a BGP announcement with a specially formed payload allegedly dropped Juniper routers in Rostelecom (and, probably, even laughed at this news, because Juniper with version 16.7 cannot exist by definition).



We didn't laugh here, but went to find out what the possibilities were.



Here it is (https://kb.juniper.net/JSA11024) - the security bulletin we are interested in (here is the CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1640). An error while processing incoming BGP packets in the Juniper Networks RPD (routing protocols process) daemon allows an attacker to abort the RPD, thereby causing a denial of service.



Among JunOS versions, there is version 16.1R7, which is really vulnerable to this CVE. End of support for this version came (https://support.juniper.net/support/eol/software/junos) in January 2020, but for R7 it was extended (https://support.juniper.net/support/eol/software/junos/#7) until January 2021. That is, if everything described is true, then Rostelecom engineers will face big questions about what this equipment is doing in production. But not gigantic ones, because the version has been out of date for only three months.



The question remains: was this the very cyberattack promised by an anonymous American source? And if so, then not only Putin and his entourage know about it, as promised, but the whole country.



PS: An important addition. The PoC for this vulnerability is not publicly available.


