DriveNews.co.uk: Your Ultimate Hub for Comprehensive Automotive News and Insights! We bring you the latest reports, stories, and updates from the world of cars, covering everything from vehicle launches to driving tips. Stay with DriveNews.co.uk to stay revved up about the automotive world 24/7

Contacts

  • Owner: SNOWLAND s.r.o.
  • Registration certificate 06691200
  • 16200, Na okraji 381/41, Veleslavín, 162 00 Praha 6
  • Czech Republic

‘ArcaneDoor’ Cyberspies Hacked Cisco Firewalls to Access Government Networks

Network security appliances like firewalls are meant to keep hackers out. Instead, digital intruders are increasingly targeting them as the weak link that lets them pillage the very systems those devices are meant to protect. In the case of one hacking campaign over recent months, Cisco is now revealing that its firewalls served as beachheads for sophisticated hackers penetrating multiple government networks around the world.

On Wednesday, Cisco warned that its so-called Adaptive Security Appliances—devices that integrate a firewall and VPN with other security features—had been targeted by state-sponsored spies who exploited two zero-day vulnerabilities in the networking giant's gear to compromise government targets globally in a hacking campaign it's calling ArcaneDoor.

The hackers behind the intrusions, which Cisco's security division Talos is calling UAT4356 and which Microsoft researchers who contributed to the investigation have named STORM-1849, couldn't be clearly tied to any previous intrusion incidents the companies had tracked. Based on the group's espionage focus and sophistication, however, Cisco says the hacking appeared to be state-sponsored.

“This actor utilized bespoke tooling that demonstrated a clear focus on espionage and an in-depth knowledge of the devices that they targeted, hallmarks of a sophisticated state-sponsored actor,” a blog post from Cisco's Talos researchers reads.

Cisco declined to say which country it believed to be responsible for the intrusions, but sources familiar with the investigation tell WIRED the campaign appears to be aligned with China's state interests.

Cisco says the hacking campaign began as early as November 2023, with the majority of intrusions taking place between December and early January of this year, when it learned of the first victim. “The investigation that followed identified additional victims, all of which involved government networks globally,” the company's report reads.

In those intrusions, the hackers exploited two newly discovered vulnerabilities in Cisco's ASA products. One, which it's calling Line Dancer, let the hackers run their own malicious code in the memory of the network appliances,

Read more on wired.com
Prev Post
Hongqi EH7 convertible debuts at the BJ auto show

Related News

Latest Posts
Bicester Heritage hosts government launch of classic car consultation
  • By bbc.co.uk

Bicester Heritage hosts government launch of classic car consultation

Australian Government increases safety requirements for its fleet vehicles
  • By whichcar.com.au

Australian Government increases safety requirements for its fleet vehicles

VW ID.Buzz features, Supercharger network growth, Vinfast and Sony: Today’s Car News
  • By greencarreports.com

VW ID.Buzz features, Supercharger network growth, Vinfast and Sony: Today’s Car News

Ford partners with Evie for home EV charging unit and $400 network credit
  • By whichcar.com.au

Ford partners with Evie for home EV charging unit and $400 network credit

Waymo robotaxis now completing 50,000 paid trips a week
  • By digitaltrends.com

Waymo robotaxis now completing 50,000 paid trips a week

Musk: Tesla Supercharger network plans $500M expansion despite layoffs
  • By greencarreports.com

Musk: Tesla Supercharger network plans $500M expansion despite layoffs