Canadian Telecom Firm Hit by Suspected Chinese Cyberattack

Summary
– Hackers linked to the Chinese government exploited a patched vulnerability to target a Canadian telecom provider, according to Canadian and U.S. officials.
– The Canadian Cyber Centre identified the attackers as PRC state-sponsored group Salt Typhoon, with the FBI issuing a similar statement.
– Salt Typhoon is known for global cyberattacks and previously exploited a critical Cisco vulnerability (CVE-2023-20198) affecting over 10,000 devices.
– The vulnerability impacted Cisco devices with exposed HTTP/HTTPS servers, and a patch was released shortly after its disclosure.
– Salt Typhoon also breached U.S. telecom companies like Verizon and AT&T, potentially monitoring wiretap systems and internet traffic.

Canadian telecommunications networks have reportedly fallen victim to a sophisticated cyberattack linked to Chinese state-sponsored hackers, according to joint statements from Canadian and U.S. authorities. The breach exploited a critical vulnerability that had been patched over a year prior, highlighting ongoing security challenges in the sector.
Canada’s Cyber Centre, the nation’s leading cybersecurity agency, confirmed the intrusion, attributing it to a hacking group known as Salt Typhoon, a collective widely recognized for conducting cyber operations on behalf of China. The FBI echoed these findings, reinforcing concerns about the persistent threat posed by state-backed actors targeting critical infrastructure.
Security experts identify Salt Typhoon as a highly skilled cyber espionage unit with a history of infiltrating global networks. Last year, researchers uncovered the group's exploitation of CVE-2023-20198, a critical flaw in Cisco devices that allowed unauthorized access to routers, switches, and wireless controllers. Although Cisco issued a patch shortly after the vulnerability's disclosure, unpatched systems remained exposed, enabling prolonged unauthorized access.
This incident mirrors previous attacks where Salt Typhoon breached major U.S. telecom providers, including Verizon and AT&T. Reports suggest the hackers leveraged their access to monitor sensitive communications, including wiretap systems used by law enforcement. The group’s ability to intercept internet traffic raises significant concerns about data security and the potential for broader intelligence-gathering operations.
The latest breach underscores the urgent need for organizations to prioritize timely software updates and robust cybersecurity measures, particularly in industries handling critical communications infrastructure. As state-sponsored threats evolve, maintaining vigilance against known vulnerabilities remains a key defense strategy.
(Source: Ars Technica)