December 4, 2024 at 08:03AM
US, Canada, Australia, and New Zealand agencies issued guidance to improve communication infrastructure security against China-linked cyber threats. Recommendations focus on enhancing network visibility, hardening devices, and specific advice for Cisco systems following espionage attacks targeting telecom providers. Agencies report uncertainty about the full extent of these threats.
**Meeting Takeaways:**
1. **Joint Guidance Issued:**
– Government agencies in the US, Canada, Australia, and New Zealand released joint guidance to enhance the security of communications infrastructure due to espionage attacks by China-linked threat actors.
2. **Key Recommendations:**
– Strengthening visibility into network traffic, user activity, and data flow to aid in threat detection.
– Hardening devices and systems to prevent access by threat actors.
3. **Targeted Advice:**
– Specific guidance provided for network engineers and defenders, with tailored advice for different teams.
– Cisco devices highlighted as a focus, with concerns over vulnerabilities linked to these systems.
4. **Cisco Device Security:**
– Organizations advised to implement best practices from Cisco for devices running IOS XE and NX-OS software.
– Recommendations include disabling features abused in attacks and securely storing device passwords.
5. **Ongoing Threat Assessment:**
– Officials noted uncertainty regarding the extent of the attacks and whether Chinese hackers still have access to US networks.
– The attacks came to light in September, with a particular threat group named Salt Typhoon identified.
6. **Impact on Major Companies:**
– Targeted telecom providers in the US include Verizon, AT&T, Lumen Technologies, and T-Mobile, with T-Mobile reporting limited impact.
7. **Attack Objectives:**
– The hackers aimed for customer data theft and espionage, obtaining metadata from calls and texts, with some victims having their conversations and messages monitored.
8. **Further Context:**
– Related discussions include the U.S. government urging employees to limit phone usage in light of these threats.