Nation-state spies target Cisco firewalls
Add Axios as your preferred source to
see more of our stories on Google.
Illustration: Shoshana Gordon/Axios
A group of suspected nation-state hackers has been seen targeting widely used Cisco products, the company warned this week.
Why it matters: Cisco is just the latest IT vendor to uncover nation-state adversaries targeting its edge device products.
Zoom in: Cisco warned Wednesday that a nation-state hacking group was exploiting two previously unknown security flaws in its Adaptive Security Appliances.
- The attackers used these vulnerabilities to deploy malware and execute commands on the systems of a "small set of customers," according to the advisory.
- Cisco has been investigating reports of suspicious hacking activity since early this year, and it believes the hackers first launched some of its attacks in November.
- Cisco has also found evidence that the hackers were testing their tactics as early as July.
Threat level: Cisco noted it had observed the same hacking group targeting Microsoft Exchange servers and other vendors' network devices.
- Each of the affected organizations "involved government networks globally," Cisco added.
- Wired reports that the hackers are likely aligned with the Chinese government.
The big picture: Nation-state hackers have been increasingly targeting edge devices such as routers and VPNs in their espionage campaigns.
- These tools provide a launching pad for hackers into an organization's systems and include vital data about internal operations.
What's next: Cisco has released software updates to resolve both of the new vulnerabilities and is urging customers to patch their systems immediately.
- The Cybersecurity and Infrastructure Security Agency ordered all federal civilian agencies to patch their networks by May 1.
