Security Bite: Hackers breach CISA, forcing the agency to take some systems offline

Share via:


The Cybersecurity and Infrastructure Security Agency (CISA) says two systems were hacked in February through vulnerabilities in Ivanti products. In response, the agency had to shut down both systems, which reportedly had critical ties to U.S. infrastructure.


9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.


A CISA spokesperson confirmed the breach in a statement. The agency stated that hackers gained access by exploiting vulnerabilities in internal Ivanti tools. The Utah-based firm provides IT security and systems management software to some 40,000 customers, from large organizations to government agencies worldwide, per its website.

“The impact was limited to two systems, which we immediately took offline,” CISA stated. We continue to upgrade and modernize our systems, and there is no operational impact at this time.” The agency didn’t specify whether data had been accessed or stolen.

The Record, which first reported on the incident, cited a source with knowledge of the situation as saying the hackers compromised two systems that were part of the Infrastructure Protection (IP) Gateway, which houses critical data and tools used to assess critical U.S. infrastructure, and the Chemical Security Assessment Tool (CSAT). The latter houses some of the United States’ most sensitive industrial information, including which chemical facilities are designated high-risk, Site Security Plans, and Security Vulnerability Assessments.

However, it’s important to note that CISA has not yet confirmed or denied whether these specific systems were taken offline.

While it’s not immediately clear who’s behind the attack, we do know it happened through the recent vulnerabilities affecting Ivanti Connect Secure VPN and Ivanti Policy Secure products, discovered by none other than CISA.

Ironically, the agency previously warned about vulnerabilities in Ivanti software. On February 1, it ordered all U.S. government agencies to disconnect Ivanti Connect Secure and Ivanti Policy Secure. Just weeks later, it officially alerted the organizations that threat actors were exploiting multiple Ivanti vulnerabilities CVE-2023-46805, CVE-2024-21887, and CVE-2024-21893.

A CISA spokesperson told The Record that the hack did not impact operations at the agency.

“This is a reminder that any organization can be affected by a cyber vulnerability, and having an incident response plan in place is a necessary component of resilience,” CISA adds.

Follow Arin: Twitter/X, Threads, LinkedIn

FTC: We use income earning auto affiliate links. More.





Source link

Disclaimer

We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.

Popular

More Like this

Security Bite: Hackers breach CISA, forcing the agency to take some systems offline


The Cybersecurity and Infrastructure Security Agency (CISA) says two systems were hacked in February through vulnerabilities in Ivanti products. In response, the agency had to shut down both systems, which reportedly had critical ties to U.S. infrastructure.


9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.


A CISA spokesperson confirmed the breach in a statement. The agency stated that hackers gained access by exploiting vulnerabilities in internal Ivanti tools. The Utah-based firm provides IT security and systems management software to some 40,000 customers, from large organizations to government agencies worldwide, per its website.

“The impact was limited to two systems, which we immediately took offline,” CISA stated. We continue to upgrade and modernize our systems, and there is no operational impact at this time.” The agency didn’t specify whether data had been accessed or stolen.

The Record, which first reported on the incident, cited a source with knowledge of the situation as saying the hackers compromised two systems that were part of the Infrastructure Protection (IP) Gateway, which houses critical data and tools used to assess critical U.S. infrastructure, and the Chemical Security Assessment Tool (CSAT). The latter houses some of the United States’ most sensitive industrial information, including which chemical facilities are designated high-risk, Site Security Plans, and Security Vulnerability Assessments.

However, it’s important to note that CISA has not yet confirmed or denied whether these specific systems were taken offline.

While it’s not immediately clear who’s behind the attack, we do know it happened through the recent vulnerabilities affecting Ivanti Connect Secure VPN and Ivanti Policy Secure products, discovered by none other than CISA.

Ironically, the agency previously warned about vulnerabilities in Ivanti software. On February 1, it ordered all U.S. government agencies to disconnect Ivanti Connect Secure and Ivanti Policy Secure. Just weeks later, it officially alerted the organizations that threat actors were exploiting multiple Ivanti vulnerabilities CVE-2023-46805, CVE-2024-21887, and CVE-2024-21893.

A CISA spokesperson told The Record that the hack did not impact operations at the agency.

“This is a reminder that any organization can be affected by a cyber vulnerability, and having an incident response plan in place is a necessary component of resilience,” CISA adds.

Follow Arin: Twitter/X, Threads, LinkedIn

FTC: We use income earning auto affiliate links. More.





Source link

Disclaimer

We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.

Website Upgradation is going on for any glitch kindly connect at office@startupnews.fyi

More like this

Linkup connects LLMs with premium content sources (legally)

If you’ve used ChatGPT Search or Perplexity you...

Delhi HC To Hear Case In April 2025

SUMMARY The trademark dispute case between Elon Musk-led EV...

Honasa Promotes V Maheshwari as SVP-Product & Data Analytics

SUMMARY In his new role, Maheshwari will lead the...

Popular

Upcoming Events

Startup Information that matters. Get in your inbox Daily!