
The NCSC have recently issued a warning about attackers targeting organisations using Cisco Catalyst SD-WAN systems.
If your business relies on SD-WAN to connect offices, data centres, or remote workers, this is something your IT team should be aware of.
Attackers are attempting to break into vulnerable systems and secretly add what’s known as a “rogue peer”. Once inside, they can potentially gain full control of the network system and keep access long-term.
Any organisation using Cisco Catalyst SD-WAN could be at risk — particularly if the management interface is exposed to the internet.
That interface is meant for administrators only. If it’s publicly accessible, it’s like leaving your server room door unlocked.
Security agencies from the UK, US, Australia, Canada, and New Zealand have all been involved in investigating the activity and issuing guidance.
If your organisation uses Cisco SD-WAN, there are a few important steps to take.
Cisco has already released security updates for the affected systems. Installing the latest versions should be the first step.
IT teams should review logs and investigate whether their systems show signs of compromise.
Management interfaces should never be publicly exposed. They should sit safely behind firewalls and restricted access controls.
Cisco also recommends implementing additional hardening measures, including:
- Using proper SSL certificates instead of default ones
- Setting shorter admin session timeouts
- Enabling stronger encryption between devices
- Sending logs to a remote monitoring system
SD-WAN technology sits right at the heart of modern business networks, connecting offices, cloud systems, and remote workers.
If attackers gain access here, they can potentially move through the rest of the network, making it a high-value target.
That’s why keeping systems patched, monitored, and properly configured is critical.
If you’re unsure whether your systems are protected, it’s worth getting your IT provider to run a quick security review.
We hope you’ve liked this blog. Stay tuned for more blogs like this. Stay safe!

