Apr 26, 2024 - Technology

Nation-state spies target Cisco firewalls

Illustration: Shoshana Gordon/Axios

A group of suspected nation-state hackers has been seen targeting widely used Cisco products, the company warned this week.

Why it matters: Cisco is just the latest IT vendor to uncover nation-state adversaries targeting its edge device products.

Zoom in: Cisco warned Wednesday that a nation-state hacking group was exploiting two previously unknown security flaws in its Adaptive Security Appliances.

  • The attackers used these vulnerabilities to deploy malware and execute commands on the systems of a "small set of customers," according to the advisory.
  • Cisco has been investigating reports of suspicious hacking activity since early this year, and it believes the hackers first launched some of their attacks in November.
  • Cisco has also found evidence that the hackers were testing their tactics as early as July.

Threat level: Cisco noted it had observed the same hacking group targeting Microsoft Exchange servers and other vendors' network devices.

  • Each of the affected organizations "involved government networks globally," Cisco added.
  • Wired reports that the hackers are likely aligned with the Chinese government.

The big picture: Nation-state hackers have been increasingly targeting edge devices such as routers and VPNs in their espionage campaigns.

  • These tools provide a launching pad for hackers into an organization's systems and include vital data about internal operations.

What's next: Cisco has released software updates to resolve both of the new vulnerabilities and is urging customers to patch their systems immediately.

  • The Cybersecurity and Infrastructure Security Agency ordered all federal civilian agencies to patch their networks by May 1.