1. Forum
  2. Fidonet
  3. CONSPRCY

  • Top Canadian telecom firm

    From Mike Powell@1:2320/105 to All on Wed Jun 25 08:25:00 2025
    Top Canadian telecom firms may have been hit by Chinese Salt Typhoon hackers

    Date:
    Tue, 24 Jun 2025 15:03:00 +0000

    Description:
    Hackers have seemingly used a Cisco flaw to gain access to telco network.

    FULL STORY

    The Canadian Centre for Cyber Security, alongside the FBI, have confirmed hackers were able to gain access to three network devices registered to a Canadian Telecommunications company.

    The Cyber Centre is aware of malicious cyber activities currently targeting Canadian telecommunications companies. The responsible actors are almost certainly PRC state-sponsored actors, specifically Salt Typhoon, The Canadian Centre for Cybersecurity said in a statement.

    This isnt unfamiliar territory for Salt Typhoon, as the group compromised at least eight US telco giants earlier in 2025, with the hackers allegedly
    having access to these networks for months in a mass surveillance campaign affecting dozens of countries and targeting several high-level officials.

    A long running campaign

    The hackers, apparently exploited a high severity Cisco flaw, tracked as CVE-2023-20198 to gain access, allowing them to retrieve running
    configuration files from the compromised devices, which were then modified in order to create a GRE tunnel, enabling traffic collection from the network
    the devices were connected to.

    A patch for this flaw has been available since October 2023, which indicates
    a serious security oversight in Canadian Telecom cybersecurity.

    The threat actors most likely targeted these devices in order to collect information from the victims internal network, or use the victims device to enable the compromise of further victims, which could explain how Salt
    Typhoon has been so successful in compromising large organizations.

    While our understanding of this activity continues to evolve, we assess that PRC cyber actors will almost certainly continue to target Canadian organizations as part of this espionage campaign, including
    telecommunications service providers and their clients, over the next two years, the statement confirms.

    Telecommunication companies are a high-priority for threat actors as they
    store large amounts of customer data and have useful intelligence value for cyber-espionage campaigns.

    Via: ArsTechnica

    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/top-canadian-telecom-firms-may-have-bee n-hit-by-chinese-salt-typhoon-hackers

    $$
    --- SBBSecho 3.20-Linux
    * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)