TECHNOLOGY firm Cisco Systems said that hackers have subverted some of its digital security devices to break in to government networks globally.
In a blog post published on Wednesday (Apr 24), the company said its Adaptive Security Appliances – pieces of equipment that roll several different digital defence functions into one – had previously unknown vulnerabilities that had been exploited by a group of hackers they called UAT4356.
The blog post described the group as a “sophisticated state-sponsored actor” and said that the company’s investigation found victims that “involved government networks globally”. Cisco said the vulnerabilities have been patched.
In a statement, the company said it urged customers to take “immediate action” to update their software. It did not give further details on the breaches, which it said dated back to earlier this year.
Security equipment such as routers and other so-called edge devices has become an increasingly popular vector for advanced hackers because it resides at the perimeter of a target’s network and can be difficult to monitor.
In its post, Cisco warned that it had seen evidence that the UAT4356 hackers were interested in “and potentially attacking” network devices from Microsoft and other vendors. Microsoft did not immediately return an e-mail.
GET BT IN YOUR INBOX DAILY
Start and end each day with the latest news stories and analyses delivered straight to your inbox.
The Cybersecurity and Infrastructure Security Agency (CISA) said it had “not confirmed evidence of this activity affecting US government networks at this time”. CISA released an alert on the Cisco vulnerabilities on Wednesday. REUTERS
