A naukri.com initiative
Ars Technica
2w
430
Image Credit: Ars Technica
Canadian telecom hacked by suspected China state group
- Hackers suspected of working for the Chinese government exploited a vulnerability to hack a Canadian telecom provider.
- The Cyber Centre in Canada and the FBI believe the hackers are almost certainly PRC state-sponsored actors known as Salt Typhoon.
- Salt Typhoon previously backdoored over 10,000 Cisco devices using a severe vulnerability (CVE-2023-20198) patched 16 months earlier.
- This group has targeted US-based telecom companies before, compromising firms like Verizon and AT&T.
- The hackers likely used their access to monitor wiretap systems used by governmental agencies and other Internet traffic.
- In a campaign this year, the hackers exploited several vulnerabilities in addition to CVE-2023-20198.
- In mid-February 2025, Salt Typhoon compromised three network devices of a Canadian telecom using CVE-2023-20198.
- The hackers created a GRE tunnel to collect network traffic, potentially leading to further compromises.
- The Cyber Center stated that this targeting extends beyond the telecom sector, posing broader risks.
- The lack of action by Canadian Telecom to patch the known vulnerability raises serious security concerns.
- Canadian officials warn that China state hackers are likely to continue targeting Canadian organizations, including telecom providers.
Read Full Article
25 Likes
For uninterrupted reading, download the app