Chinese state-sponsored threat operation Salt Typhoon was noted by the FBI and the Canadian Centre for Cyber Security to have compromised a leading Canadian telecommunications provider in a February attack, BleepingComputer reports.
Attackers leveraged the critical Cisco IOS XE vulnerability, tracked as CVE-2023-20198, in mid-February to access three of the telco's network devices and obtain their running configuration files, at least one of which had been altered to facilitate GRE tunnel configuration and eventual network traffic collection activities, according to the joint U.S. and Canadian bulletin. Organizations across Canada have been urged by the Cyber Centre to strengthen their network security amid persistent Salt Typhoon intrusions expected within the next two years as the hacking group moves to diversify its targets. Such a development comes a week after U.S. satellite communications company Viasat was confirmed to be breached by Salt Typhoon as part of attacks that were reported to have infiltrated AT&T, Verizon, and Lumen Technologies, among others.
Attackers leveraged the critical Cisco IOS XE vulnerability, tracked as CVE-2023-20198, in mid-February to access three of the telco's network devices and obtain their running configuration files, at least one of which had been altered to facilitate GRE tunnel configuration and eventual network traffic collection activities, according to the joint U.S. and Canadian bulletin. Organizations across Canada have been urged by the Cyber Centre to strengthen their network security amid persistent Salt Typhoon intrusions expected within the next two years as the hacking group moves to diversify its targets. Such a development comes a week after U.S. satellite communications company Viasat was confirmed to be breached by Salt Typhoon as part of attacks that were reported to have infiltrated AT&T, Verizon, and Lumen Technologies, among others.
