Hackers breached Cisco devices in the US government
Kyiv • UNN
The US Cybersecurity Agency issued a directive to address vulnerabilities after ArcaneDoor hackers breached Cisco Systems Inc. devices. This attack, ongoing since 2024, affected critical infrastructure, but the scale and victims remain unknown.
Hackers have breached firewall devices in the United States federal government. This is reported by Bloomberg, citing a high-ranking federal official, UNN reports.
Details
On Thursday, September 25, the Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive, obliging federal agencies to eliminate vulnerabilities and check hundreds of Cisco Systems Inc. firewalls used by US government agencies for possible breaches and eliminate them.
The threat is widespread
According to the publication, emergency directives apply only to federal civilian networks, but Butera strongly urged other government agencies and private companies to follow these recommendations.
It is noted that neither CISA nor Cisco have been able to determine who exactly was hacked, and the scale and severity of the incident remain unknown.
Hackers, whom Cisco calls ArcaneDoor, have been engaged in cyber espionage since 2024. CISA's investigation confirmed the hacking of devices in government agencies, Butera said.
According to him, the agency believes that the attacks affected critical infrastructure in the US, but declined to name specific victims.
Recall
In August 2025, the FBI and Cisco reported that Russian hackers used a vulnerability in old Cisco software to attack thousands of network devices. Hackers collected configuration files and modified them for long-term access to critical infrastructure.