Given the appalling record of Cisco products for backdoors [0], and the
allegation that Cisco willingly installed backdoors [1] on the orders
of an agency known for espionage against the German government [2], is
it a surprise that the Russians found a key under the flower-pot?
And that's what happens if you demilitarize and then put all your cards on consulting companies. I wanna see the KPMG, McKinsey battalion defending the Eastern border against a Russian invasion.
Well aware that the big consulting firms work closely with western governments on certain subjects (public health, economy) but if they are providing military advice, that's news to me.
I hold the wider Cisco org with as much contempt as any non-MBA technologist, but to be fair, the WebEx team appear to be doing some interesting things with zero trust [0], MLS [1], and watermarking [2].
A lot of mass market / SaaS comms tools are abysmal at best on the security front but it's nice to at least see some semblance of effort on a few layers of controls.
Seems unlikely related to the Webex platform itself - either a device or account breach or network if they were silly enough not to use the E2E encryption feature.
[0] https://www.tomshardware.com/news/cisco-backdoor-hardcoded-a...
[1] https://www.infoworld.com/article/2608141/snowden--the-nsa-p...
[2] https://www.spiegel.de/international/germany/cover-story-how...