Multiple US agencies could have been hacked due to Ivanti flaws

Security flaws in Ivanti's VPN products could have allowed cybercriminals to breach at least five federal agencies according to an investigation carried out by the US Department of Homeland Security (DHS).

DHS' Cybersecurity and Infrastructure Security Agency (CISA) has been working alongside organizations that have been targeted by hackers exploiting vulnerabilities in Ivanti's Pulse Connect Secure VPN products. The IT software company only recently began offering VPN services to its customers when it acquired Pulse Secure back in September of last year.

In addition to working alongside affected organizations, CISA has also begun requiring federal civilian agencies to run Pulse Secure Connect's Security Integrity Tool, which was developed by Ivanti's Product Security Incident Response Team, to ensure the integrity of their software.

Deputy executive assistant director at CISA, Matt Harman provided further details on how the agency is working with organizations to verify the integrity of their VPN software in a statement to Bloomberg, saying:

“CISA is aware of at least five federal civilian agencies who have run the Pulse Connect Secure Integrity Tool and identified indications of potential unauthorized access. We are working with each agency to validate whether an intrusion has occurred and will offer incident response support accordingly.”  

Targeting federal agencies

While Harman did not name any of the US federal agencies that have been targeted outright, the cybersecurity firm FireEye recently attributed the cyberattacks to hackers believed to be based in China.

According to the company's SVP and CTO Charles Carmakal, the hackers in question used a vulnerability in Pulse Connect Secure to hack into dozens of organizations in order to carry out espionage. Although CISA has not formally attributed these attacks to Chinese-based hackers, the US did recently confirm suspicions that Russia was behind last year's Solar Winds hack.

So far organizations in the financial services, government and defense contracting industries have been targeted through security flaws in Pulse Connect Secure. However, Carmakal and FireEye's security researchers have also observed organizations in the transportation, energy, professional services and telecommunications sectors that were also targeted.

To Ivanti's credit, the company has been working closely with both CISA and cybersecurity experts to investigate and respond to “malicious activity” which was identified on a “very limited number of customers systems”.

Via Bloomberg



from TechRadar - All the latest technology news https://ift.tt/2SgTdH8
Share:

No comments:

Post a Comment

Categories

Rove Reviews Youtube Channel

  1. Subscribe to our youtube channel
  2. Like our videos and share them too.
  3. Our youtube channel name Rove reviews.

WITNUX

This website is made by Witnux LLC. This website provides you with all the news feeds related to technology from large tech media industries like GSM Arena, NDTV, Gadgets 360, Firstpost and many other such ates altogether at technical depicts so that you need not go to several sites to view their post provide you advantantage of time.

From the developer
Tanzeel Sarwar

OUR OTHER NETWORKS

OUR YOUTUBE CHANNEL

ROVE REVIEWS PLEASE SUBSCRIBE

OUR FACEBOOK PAGE

The Rove Reviews

Support

Trying our best to provide you the best DONATE or SUPPORTour site Contact me with details how are you gonna help us