- Canadian telecom firms have been hit with a cyber attack
- Chinese threats are suspected to be behind actor salt typhoon attacks
- Hackers exploited an existing Cisco defect to get access
The Canadian Center for Cyber Security, with the FBI, confirmed that hackers were able to get access to three network devices registered at a Canadian telecom company.
One at the Canadian Center for Cybercity states, “The cyber center is aware of malicious cyber activities. statement.
This is not an unfamiliar area for salt typhoon, as the group had reached at least eight American Telco giants in 2025, in which hackers allegedly achieved access to these networks in a large-scale monitoring campaign and affected dozens of countries and targeted many high-level officials.
A long -lasting campaign
Hackers, apparently exploited a high severity Cisco defect, which was tracked as a CVE-2023-20198 to receive access, allowing them to reconstruct the running configuration files from the equipment compromised, which were then amended to build the GRE tunnels, with the network to enabling traffic collections.
A patch for this defect is available from October 2023, which indicates a serious safety inspection in Canadian telecom cyber security.
The danger actors targeted these devices to use the victim’s device to collect these devices’ to collect information from the victim’s internal network, or to enable the agreement of the victims, which could tell how successful salt typhoon has been in compromising large organizations.
“While our understanding of this activity continues, we assess that the PRC cyber actors will definitely continue to target Canadian organizations as part of this detective campaign, including” statement “including telecom service providers and their customers over the next two years.
Telecommunications companies are a high-primaryness for danger actors as they store large amounts of customer data and are useful intelligence values for cyber-gynecological campaigns.
Through: Arstechnica
