San Diego’s IT crews just got a not‑so‑subtle nudge from Washington. The FBI’s local field office is warning organizations across the region after U.S. and U.K. cyber agencies issued a joint alert saying hostile, nation‑state‑linked hackers are actively targeting out‑of‑support “edge” devices to break into networks and quietly siphon data.
The advisory calls out firewalls, routers, VPN gateways, and other gear sitting on the perimeter as prime targets and urges quick action, not vague long‑term planning. For San Diego businesses, universities, and city agencies, it reads less like a policy memo and more like a punch‑list for anyone responsible for keeping a network online and out of trouble.
What the advisory says
Last Thursday, CISA rolled out Binding Operational Directive 26-02, which orders federal civilian agencies to identify and phase out edge devices that have hit end‑of‑support status. Agencies have roughly 90 days to produce an initial inventory, 12 months to retire devices specifically called out in the directive, and 18 months to remove every unsupported edge appliance they find.
The directive also requires agencies to stand up continuous discovery and lifecycle management within two years so that obsolete hardware and software do not quietly creep back into production networks. It is a time‑boxed, enforcement‑level push aimed at closing a long‑running intrusion channel favored by advanced threat actors, according to Federal News Network.
Alongside the directive, the agencies published a short fact sheet titled “Reducing the Attack Surface for End‑of‑Support Edge Devices,” a joint product of CISA, the FBI and the U.K.’s National Cyber Security Centre. It lays out hardening steps and mitigations defenders can roll out right away. The guidance hits a few recurring notes, including blocking public management interfaces, applying vendor updates wherever they still exist, and segmenting critical systems so attackers have a harder time moving laterally and stealing data, according to BleepingComputer.
Why edge devices matter
Edge appliances sit at the boundary where an organization’s network meets the internet, and they often plug directly into identity systems and traffic flows. If an attacker compromises that gear, they can gain both initial access and a durable foothold inside the environment.
Many of these devices still run old firmware or fully unsupported software, which turns every newly disclosed vulnerability into an outsized risk. Security analysts say that as threat actors increasingly go after infrastructure devices instead of just laptops and servers, hardening the edge has become a national‑level priority, as reported by SC Media.
Mitigations defenders can use now
The joint guidance and the federal directive do not bother with subtlety. They tell defenders to inventory every firewall, router, load balancer and VPN gateway, patch anything the vendor still supports, and immediately disconnect or tightly firewall any management interface that faces the open internet.
On top of that, teams are urged to implement microsegmentation, enforce least privilege and multifactor authentication for administrator accounts, turn up logging and endpoint detection and response coverage, and develop replacement plans for any device that can no longer be updated. Those operational steps track directly with the checklist baked into the advisory and its supporting documents, according to The Hacker News.
San Diego takeaway
FBI San Diego boosted the joint advisory on its X account and linked straight to the mitigation guidance, a clear signal that the message is meant for local network defenders, not just federal IT staff in Washington. The short post effectively hands small and midsize IT teams the same checklist that federal agencies use and urges anyone who spots suspicious activity to loop in their nearest FBI field office. See FBI San Diego on X for the original alert and attached fact sheet.
The FBI, CISA, and UK’s NCSC released a joint advisory on how hostile nation-state linked cyber threat actors exploit end-of-support edge devices to access and compromise data.
— FBI San Diego (@FBISanDiego) February 9, 2026
Review the mitigations to protect your organization’s data: https://t.co/e9AoVoXq4Z pic.twitter.com/Bnn4hxphYz
If you cannot rip out affected devices right away, the fact sheet pushes compensating controls instead. That includes isolating unsupported appliances from sensitive systems, removing any internet‑exposed administrative paths, enforcing strong credential hygiene, and stepping up monitoring while you plan a hardware refresh.
For the full directive and technical details, CISA’s BOD 26-02 materials and the joint fact sheet linked in the FBI San Diego post remain the primary references. For additional background on the federal order to replace end‑of‑life edge gear, see BleepingComputer.
