The U.S. Cybersecurity & InfrastructureSecurityAgency (CISA) released guidelines for network engineers, defenders, and organizations withenterprise-grade networking equipment as part of its continuing investigation into the People’s Republic of China’s (PRC’s) massive cyber espionage campaign. While the agency has releasedgeneral guidelinesfor increased visibility and hardening that apply to any network, it also had a section labeled ‘Cisco-Specific Guidance.’
According to the document, “authoring agencies have observed Cisco-specific features often being targeted by, and associated with, these PRC cyber threat actors’ activity.” Aside from the recommendations mentioned, CISA also linked toCisco’s IOS XE Hardening GuideandGuide to Securing NX-OS Software Devices. This shows that the networking company is likely aware of its vulnerabilities and is taking steps to help protect its customers from those who need it without removing features that make it easier for others who don’t need more stringent security to use its products.
CISA acknowledges Cisco andGoogleCloud Security in the guideline document, which shows how the private sector cooperates with the U.S. government to help protect its network systems. Furthermore, this warning isn’t limited to the U.S., as other cybersecurity and counter-espionage agencies from other allied countries, specifically Australia, Canada, and New Zealand, are also participating in the investigation that the U.S. is leading.
This warning was made about a month after the U.S. CISA announced that PRC-affiliated actors were targeting eight commercial telecommunications providers across the U.S., which was suspected to have started as far back as 2022. It said the attackers exfiltrated customer call records, compromised the private communications of some high-value targets in government and politics, and copied information related to U.S. court proceedings.
The good news is that these activities are seemingly bound to the existing weaknesses of the target infrastructure, which are known to the authorities and manufacturers of the affected devices, which seem to be mostly Cisco networking equipment. CISA says that you could secure your network and prevent being targeted by these threat actors by patching the affected devices and services and ensuring your environment by following its released guidelines.
Get Tom’s Hardware’s best news and in-depth reviews, straight to your inbox.
Jowi Morales is a tech enthusiast with years of experience working in the industry. He’s been writing with several tech publications since 2021, where he’s been interested in tech hardware and consumer electronics.
