The US Department of Homeland Security said that federal agencies have most likely been compromised through vulnerabilities in software products of Ivanti Inc.
The US Cyber Security and Infrastructure Security Agency, known as CISA, collaborates with organizations that were most likely targeted by hackers, through product vulnerabilities Pulse Connect Secure of Ivanti. CISA has asked agencies to use a tool designed to detect breaches.
"CISA is aware of at least five federal agencies that have used the Pulse Connect Secure Integrity Tool and found signs of possible unauthorized access"He said Matt Hartman, CISA executive. "We work with every organization to verify if there has been an intrusion and to offer support, depending on the incident".
Hartman did not provide further details on the organizations affected.
Hartman's statement comes a week after CISA issued an emergency warning about Ivanti Pulse Connect Secure products. According to this warning, Companies and organizations that used private networks and other Pulse Connect Secure products had to take steps to detect and mitigate potential breaches.
The US has not attributed the attacks to a specific hacking group. However, the security company FireEye Inc. recently found that hackers most likely associated with China, used Pulse Secure VPN to invade dozens of organizations for espionage purposes.
Ivanti said it was working closely with CISA and other security experts to investigate the incident and reduce malware detected on a limited number of systems.
According to the company, the Pulse team rushed to suggest ways to mitigate malicious activity and plans to release a software update in the coming days.
According to leaked data, the hackers used bugs in Ivanti products to target federal agencies related to finance, transport, energy, telecommunications and other.
"This is a very big issue in terms of national securitySaid Charles Carmakal, vice president and chief technology officer of FireEye.
Source: Financial Post