China-Linked Hackers Target Cisco Firewalls in Global Campaign

New reports show China-based hackers are targeting US federal, state, and global government networks via unpatched Cisco firewalls. Get the full details and necessary steps to secure devices.

A China-linked hacking group, known to security experts as Storm-1849 (also tracked as UAT4356), has been actively compromising Cisco firewalls used by governments and large firms worldwide.

According to experts at Palo Alto Networks’ Unit 42, the hackers are “scanning for and exploiting a popular line of Cisco firewalls,” specifically the Cisco Adaptive Security Appliance (ASA) line, which is vital for government bodies, defence institutions, and major companies across the US, Europe, and Asia.

It is worth noting that Cisco ASA appliances are high-value targets because they combine several security roles, such as filtering network traffic, checking for viruses, and handling secure connections (VPNs), acting as a gateway to sensitive internal systems.

Though CISA and Cisco have not officially named Chinese actors ...