Chinese Hackers Exploit Cisco Flaws to Breach Global Telecom Networks

Chinese state-sponsored hacking group Salt Typhoon has intensified its cyber-espionage activities, targeting telecommunications providers worldwide by exploiting known vulnerabilities in Cisco network devices. Despite previous exposure and sanctions, the group continues to infiltrate critical infrastructure, compromising sensitive communications data.

Between December 2024 and January 2025, Salt Typhoon successfully breached at least five telecommunications networks, including two based in the United States. Other affected entities include a U.S.-based affiliate of a prominent U.K. telecommunications provider and a major South African telecom company. The group’s reach extends to internet service providers in Italy and Thailand, as well as several U.S. universities, potentially aiming to access cutting-edge research in telecommunications.

The attackers leveraged unpatched vulnerabilities in Cisco devices, specifically CVE-2023-20198 and CVE-2023-20273, to gain initial access and escalate privileges within the targeted networks. These flaws, present in the web user interface of Cisco IOS XE software, allowed Salt Typhoon to reconfigure devices and establish persistent access through generic routing encapsulation tunnels.

ADVERTISEMENT

Salt Typhoon, also known as RedMike, has a history of sophisticated cyber-espionage campaigns, primarily focusing on counterintelligence targets in the United States. The group’s operations have previously compromised major U.S. telecommunications companies, including Verizon, AT&T, and T-Mobile, accessing sensitive data such as call logs, text messages, and even live call audio. These breaches have raised significant concerns about national security and the protection of sensitive communications.

In response to these ongoing threats, U.S. government agencies have issued advisories recommending the use of end-to-end encrypted communication applications to safeguard sensitive information. The Federal Bureau of Investigation has specifically urged users to avoid standard text messaging between Android and Apple devices, advocating for secure platforms like WhatsApp and Signal to mitigate interception risks.

Cisco has acknowledged the vulnerabilities and released patches to address them. However, the persistence of unpatched devices in critical networks underscores the challenges organizations face in maintaining up-to-date security measures. The exploitation of these known flaws by state-sponsored actors like Salt Typhoon highlights the necessity for continuous vigilance and proactive cybersecurity practices.

The recent intrusions have not only affected telecommunications providers but also academic institutions. Several U.S. universities, known for their advanced research in telecommunications, have reported breaches linked to Salt Typhoon. These incidents suggest a concerted effort by the group to acquire proprietary research and technological advancements, potentially to bolster China’s own capabilities in the sector.

The international community has expressed growing concern over China’s cyber-espionage activities. Despite diplomatic protests and sanctions, groups like Salt Typhoon continue to operate with impunity, posing a persistent threat to global cybersecurity. The ability of these actors to adapt and exploit existing vulnerabilities emphasizes the need for a coordinated and robust international response.



Notice an issue?

Arabian Post strives to deliver the most accurate and reliable information to its readers. If you believe you have identified an error or inconsistency in this article, please don't hesitate to contact our editorial team at editor[at]thearabianpost[dot]com. We are committed to promptly addressing any concerns and ensuring the highest level of journalistic integrity.


ADVERTISEMENT
Social Media Auto Publish Powered By : XYZScripts.com
Just in:
OpenAI limits Sol launch amid cyber risks // Oil gains as Gulf truce faces strain // Save the Children Hong Kong’s Play to Thrive: Prioritising Personal Growth Over Competitive Success // 5 Law Firms Making a Difference in Cincinnati // Bracell Welcomes Fernando Branco’s Appointment to Lead ABAF and Reinforces Commitment to Sustainable Forestry Development in Bahia // Bid To Rebuild Bengal To Its Old Glory Is Welcome, Though Difficult // China’s digital hub Hangzhou hosts conference on AI, OPC // World’s First Commercial Multimodal LLM for Cultural Tourism Enters Broad Application // Why your AI transformation can fail — and it’s not the technology // This summer will never stop us from our wellness routine // Alibaba Cloud gains edge in agentic AI race // France and Oman press toll-free Hormuz passage // Dubai advances Gold Line contractor race // XRG and Eni deepen Argentina LNG push // CG Capital, the Leader in Branded Residences in Thailand, Marks Milestone Success for InterContinental Residences Bangkok Asoke Amid Global Economic Uncertainty // ClawHub breach exposes agent marketplace risk // PRHK 2026 Benchmark Report highlights how Hong Kong’s IPO revival, AI, and the GBA are reshaping the SAR’s PR industry // Afogreen Build Highlights Growing Adoption of Building Performance Modelling in Australia’s Sustainability-Driven Construction Sector // Most UAE expats under-insured, reveals survey // Binzhou’s Leap from Manufacturing to Intelligent Manufacturing //