Canadian telecom hacked by suspected China state group
1 min read
Summary
Officials from the US and Canada have blamed Salt Typhoon, a group allegedly backed by the Chinese government, for exploiting a vulnerability in Cisco routers that was patched in 2023.
The hackers are said to have targeted a Canadian telecoms provider, although it is unclear whether they successfully breached the company’s network.
The flaw, designated CVE-2023-20198, was rated as critical and affected devices running Cisco’s iOS XE operating system.
The issue enables malicious actors to create validated user accounts without the need for authentication, granting administrator-level privileges to the attackers.
Salt Typhoon is the name given to a group that has previously targeted telecoms providers in the US, including Verizon and AT&T.
