
US cyber officials issue ‘emergency directive’ after hackers breach government agency





U.S. cyber security officials have issued an “emergency directive” after hackers breached at least one government agency.

The Cybersecurity and Infrastructure Security Agency said it was aware of an “ongoing exploitation campaign by an advanced threat actor” that was targeting appliances made by Cisco Systems.

CISA did not specify which agencies have been affected, or how, or where the threat had come from, though experts told CNN they believe the hackers are state-backed and based in China.

The hackers, who are believed to have targeted Cisco previously, have been exploiting previously unknown flaws in the software for several months. Their activity presents “a significant risk to victim networks,” according to CISA.

“We are aware of hundreds of these [affected] devices being in the federal government,” said Chris Butera, a senior official at the Cybersecurity and Infrastructure Security Agency, according to CNN.

He added that the emergency directive will help officials understand “the full scope of the compromise across federal agencies.”

In its own release, Cisco said it had been made aware of the breaches by multiple government agencies in May 2025, and had “dedicated a specialized, full-time team to this investigation, working closely with a limited set of affected customers.

“Our response involved providing instrumented images with enhanced detection capabilities, assisting customers with the analysis of packet captures from compromised environments, and conducting in-depth analysis of firmware extracted from infected devices,” the release said.

“These collaborative and technical efforts enabled our teams to ultimately identify the underlying memory corruption bug in the product software.”

According to the company, the attackers were observed to have exploited “multiple zero-day vulnerabilities and employed advanced evasion techniques.” “The complexity and sophistication of this incident required an extensive, multi-disciplinary response across Cisco’s engineering and security teams,” Cisco’s statement added.

The company said it believes “with high confidence” that the most recent attack is related to the same threat actor as the ArcaneDoor attack campaign reported in early 2024.

Cisco has urged its customers to update their software following the attacks.

The Independent has reached out to CISA and Cisco for comment and any updates regarding the breach, including which agencies may have been targeted.


