
Cisco uncovers security breach and alerts about state-sponsored spy activity



TLDR:

  • Cisco reveals a security breach targeting government networks
  • State-sponsored actors launched an espionage campaign targeting network devices

Cisco Systems recently revealed a security breach in which state-sponsored actors targeted security devices used by governments worldwide. The campaign, named “ArcaneDoor,” focused on intrusion points coveted by spies, such as perimeter network devices from various vendors. The company found victims globally, all linked to government networks. Cisco, along with the cybersecurity agencies of Canada, Australia, and the UK, issued advisories urging customers to patch devices quickly. The Canadian Centre for Cyber Security, the Australian Signals Directorate, and the UK’s National Cyber Security Centre warned about malicious cyber activity targeting VPN services used by governments and critical infrastructure globally. The campaign involved espionage conducted by a sophisticated state-sponsored actor using multiple layers of novel techniques.

The Canadian government’s Communications Security Establishment said that it was too early to pinpoint the state behind the attack and emphasized the importance of defending against all threats. Claudiu Popa, CEO of Datarisk Canada, expressed concern that the attackers were targeting information specifically, rather than pursuing ransomware or cyber extortion. The breach was first brought to Cisco’s attention in early 2024, and actor-controlled infrastructure dating back to November 2023 was then uncovered. Although patches have been issued to protect devices, there is still a risk of persistent threats, so organizations need to validate device security to ensure no backdoors exist.

Canada’s privacy commissioner is investigating a data breach at Global Affairs Canada that followed a cyberattack compromising personal information and that is potentially linked to the Cisco attack. The affected individuals, including employees, had their information accessed through the department’s virtual private networks. Cisco released software updates to address the exploited vulnerabilities and provided clear guidance to customers for restoring device integrity. The company reassured users of its commitment to transparency and trust, earning customers’ confidence in facing product challenges.

