U.S Government Probes VPN Hack Within Federal Agencies

English

U.S government probes vpn hack within federal agencies, races to find clues.

For at least the third time since the beginning of this year, the U.S. government is investigating a hack against federal agencies that began during the Trump administration but was only recently discovered, according to senior U.S. officials and private sector cyber defenders.

U.S government probes vpn hack within federal agencies.

The new government breaches involve a popular virtual private network (VPN) known as Pulse Connect Secure, which hackers were able to break into as customers used it.

More than a dozen federal agencies run Pulse Secure on their networks, according to public contract records.

An emergency cybersecurity directive last week demanded that agencies scan their systems for related compromises and report back.

The results, collected on Friday and analyzed this week, show evidence of potential breaches in at least five federal civilian agencies, said Matt Hartman, a senior official with the U.S. Cybersecurity Infrastructure Security Agency.

"This is a combination of traditional espionage with some element of economic theft," said one cybersecurity consultant familiar with the matter. "We've already confirmed data exfiltration across numerous environments."

The maker of Pulse Secure, Utah-based software company Ivanti, said it expected to provide a patch to fix the problem by this Monday, two weeks after it was first publicized. Only a "very limited number of customer systems" had been penetrated, it added.

Over the last two months, CISA and the FBI have been working with Pulse Secure and victims of the hack to kick out the intruders and uncover other evidence, said another senior U.S. official who declined to be named but is responding to the hacks.

The FBI, Justice Department and National Security Agency declined to comment.

The U.S. government's investigation into the Pulse Secure activity is still in its early stages, said the senior U.S. official, who added the scope, impact and attribution remain unclear.

Security researchers at U.S. cybersecurity firm FireEye and another firm, which declined to be named, say they've watched multiple hacking groups, including an elite team they associate with China, exploiting the new flaw and several others like it since 2019.

Games For Linux

Windows has always been the preferred platform for gaming, but after STEAM's interest in Linux more game developers are making their games natively available for Linux.

Disclaimer

All information on this website is published in good faith and for general educational purposes and for use in safe testing environments only. While linuxexperten.com strives to make the information on this site as accurate as possible, linuxexperten.com does not warrant its completeness, reliability and accuracy.

We are not responsible for any losses or damages associated with the use of our website. While we strive to provide only links to useful websites, we have no control over the content of these sites and links to other sites do not constitute a recommendation for all content contained on these websites.

 

Site Information

This is a professional review site that receives compensation from the companies whose products reviewed. Each service or product are thoroughly tested and given high marks if considered to be the very best. Independently owned and the opinions expressed here are no one elses.

 

Limited Time Offers

Coming soon...