Two Suspects Linked to China's Salt Typhoon Hacker Group Trained on Cisco Networking Academy

According to Cary, the two men in question, who have not been named, are believed to have participated in the Cisco Networking Academy, which offers training in IT networking and cybersecurity to students around the world. The program's website emphasizes the accessibility of its training, stating that education can be the ultimate equalizer, enabling anyone to develop expertise and shape their destiny in a digital era. However, Cary notes that this statement takes on a different meaning when the destiny of those students appears to be linked to a state-sponsored hacking operation. Cary's findings raise questions about the potential risks of providing training in cybersecurity to individuals who may use their skills for malicious purposes. "It's a classic case of 'train the enemy,'" Cary said in an interview. "If we're providing training in cybersecurity to individuals who are likely to use it for nefarious purposes, then we're essentially arming them with the skills they need to carry out their attacks." The Salt Typhoon group has been linked to numerous high-profile cyberattacks, including the breach of at least nine telecom companies, which allowed the hackers to spy on Americans' real-time calls and texts. The group's targets have included companies that use Cisco products, which has led some to question the company's role in enabling the hackers' activities. Cisco has not commented on the specific allegations made by Cary, but the company has emphasized its commitment to cybersecurity and its efforts to prevent the misuse of its products. "We take the security of our products and the trust of our customers very seriously," a Cisco spokesperson said. "We have a robust set of security measures in place to prevent the misuse of our products, and we work closely with law enforcement and other stakeholders to address any potential security threats." The discovery of the connection between the Salt Typhoon hackers and the Cisco Networking Academy highlights the complex and often murky world of cybersecurity. As more individuals and organizations become increasingly dependent on technology, the risks of cyberattacks and the potential consequences of those attacks continue to grow. In this context, the question of how to balance the need for cybersecurity training with the potential risks of providing that training to individuals who may use their skills for malicious purposes becomes increasingly pressing. Cary's research has sparked a wider debate about the need for greater transparency and accountability in the cybersecurity industry. "We need to be more careful about who we're training and what we're teaching them," Cary said. "We can't just assume that everyone who participates in our training programs is going to use their skills for good. We need to be more vigilant and more proactive in preventing the misuse of our products and our training." As the cybersecurity landscape continues to evolve, it is likely that this issue will remain a topic of debate and discussion. In the meantime, Cisco and other companies in the industry will need to carefully consider their role in providing cybersecurity training and the potential risks and consequences of that training.