Ivanti Pulse Connect Secure data breach
This article needs to be updated.(May 2021) |
On April 20, 2021, it was reported that suspected Chinese-state backed hacker groups had breached multiple government agencies, defense companies and financial institutions in both the US and Europe after the hackers created and used a
Impact
A Cybersecurity and Infrastructure Security Agency alert reported that the attacks affected "U.S. government agencies, critical infrastructure entities, and other private sector organizations."[6] A spokesperson for Ivanti said that only a "limited number" of customers had been compromised.[7] Mandiant's chief financial officer Charles Carmakal said that while the hack had only a small indication of having a large number of victims. He said the breach was significant because it had allowed unauthorized access to federal and corporate systems for months.[8]
Responses
A spokesperson for Ivanti said that while mitigations are in place a patch to fix the vulnerabilities was not expected until May.[9] With the patch finally being released on May 3, 2021.[10] The CISA issued an emergency directive requiring that federal agencies install product updates.[11] China has denied being behind the attack and accused the U.S. of being the "biggest empire of hacking and tapping."[12]
See also
- Cyberwarfare by China
- 2020 United States federal government data breach
- 2021 Microsoft Exchange Server data breach
References
- ^ Miller, Maggie (2021-04-20). "Multiple agencies breached by hackers using Pulse Secure vulnerabilities". The Hill. Retrieved 2021-04-21.
- ^ "Check Your Pulse: Suspected APT Actors Leverage Authentication Bypass Techniques and Pulse Secure Zero-Day". FireEye. Retrieved 2021-04-21.
- ^ Brian Fung and Geneva Sands (20 April 2021). "Suspected Chinese hackers exploited Pulse Secure VPN to compromise 'dozens' of agencies and companies in US and Europe". CNN. Retrieved 2021-04-21.
- ^ "Exploitation of Pulse Connect Secure Vulnerabilities | CISA". us-cert.cisa.gov. Retrieved 2021-04-21.
- ^ Brian Fung and Geneva Sands (20 April 2021). "Suspected Chinese hackers exploited Pulse Secure VPN to compromise 'dozens' of agencies and companies in US and Europe". CNN. Retrieved 2021-04-21.
- ^ "Exploitation of Pulse Connect Secure Vulnerabilities | CISA". us-cert.cisa.gov. Retrieved 2021-04-21.
- ^ Miller, Maggie (2021-04-20). "Multiple agencies breached by hackers using Pulse Secure vulnerabilities". The Hill. Retrieved 2021-04-21.
- ^ "China behind another hack as U.S. cybersecurity issues mount". NBC News. 22 April 2021. Retrieved 2021-04-22.
- ^ Miller, Maggie (2021-04-20). "Multiple agencies breached by hackers using Pulse Secure vulnerabilities". The Hill. Retrieved 2021-04-21.
- ^ Mackie, Kurt (2021-05-03). "Patch Issued for Critical Vulnerability in Pulse Connect Secure VPNs -- Redmondmag.com". Redmondmag. Retrieved 2021-05-10.
- ^ Brian Fung and Geneva Sands (20 April 2021). "Suspected Chinese hackers exploited Pulse Secure VPN to compromise 'dozens' of agencies and companies in US and Europe". CNN. Retrieved 2021-04-21.
- ^ "China calls U.S. "biggest empire of hacking" after being accused of cyber spying". Newsweek. 2021-04-21. Retrieved 2021-04-22.