Cisco says hackers have undermined its security equipment to spy on governments

By Raphael Satter

WASHINGTON (Reuters) – Technology company Cisco Systems said hackers have subverted some of its digital security equipment to break into government networks worldwide.

In a blog post published on Wednesday, the company said its Adaptive Security Appliances – devices that combine several digital defense functions into one – had previously unknown vulnerabilities that had been exploited by a group of hackers they dubbed “UAT4356.”

The blog post described the group as a “sophisticated state-sponsored actor” and said the company’s investigation found victims “involving government networks worldwide.” Cisco said the vulnerabilities have been patched.

In a statement, the company said it was urging customers to take “immediate action” to update their software. It provided no further details about the breaches, which it said dated earlier this year.

Security equipment such as routers and other so-called edge devices have become an increasingly popular vector for sophisticated hackers because they are located at the edge of a target’s network and can be difficult to control.

In its post, Cisco warned that it had seen evidence that the UAT4356 hackers were interested in “and potentially attacking” network devices from Microsoft and other vendors. Microsoft did not immediately return an email.

The Cybersecurity and Infrastructure Security Agency (CISA) said it “has not confirmed any evidence at this time that this activity is impacting U.S. government networks.” CISA released a warning about Cisco’s vulnerabilities on Wednesday.

(Reporting by Raphael Satter in Washington; Editing by Matthew Lewis)