Finland's security agency Supo has issued a warning about Russia "exploiting poorly secured home routers and other network devices for cyber espionage".

Supo, the Finnish Security and Intelligence Service, and Traficom's National Cyber Security Centre issued the warning in a press release on Wednesday.

It said that an international joint operation they took part in managed to disrupt cyber espionage by the GRU, Russia's military intelligence service, "by preventing the use of a global cyber espionage network made up of compromised network devices".

Supo and the cyber security agency took part in the operation, which was led by the US Federal Bureau of Investigation (FBI).

The agency said that in recent years, a "cyber threat actor" linked to the GRU extensively used poorly secured home routers in its espionage efforts.

Supo said the effort focused on TP-Link branded routers that had been infiltrated by the GRU and remained unpatched for the security flaw CVE-2023-50224.

It explained that the vulnerability permits malicious actors to transmit a query to the router that exposes passwords or cryptographic keys held within it, thus allowing the attacker to gain command of the device.

The authorities warned that Russia takes advantage of poorly secured internet connected devices around the world to gather intelligence.

They encouraged device owners and IT administrators to take action in order to thwart the threat.

"A poorly secured router can, without the owner’s knowledge, enable cyber espionage or other malicious activity. Everyone in Finland can improve network security by taking care of their own network devices. Devices, applications and software should be kept up to date and updates should be installed regularly. When home network devices are current, updated and supported by the manufacturer, the risk of them being used in cyberattacks is significantly reduced," Supo's release read.