MITRE was hacked due to zero-day vulnerabilities in Ivanti

In January 2024, MITRE, a non-profit corporation that oversees research funded by the US federal government, suffered a major breach. The incident was caused by zero-day vulnerabilities in products from the IT vendor Ivanti.

Hackers conducted reconnaissance in MITRE's network using one of its VPNs and two vulnerabilities in Ivanti Connect Secure. At least ten Ivanti customers are also known to have been affected by these cyberattacks. Although MITRE did not openly disclose who was behind the incident, responsibility for exploiting these vulnerabilities has been attributed to Chinese hackers.

Attackers compromised an Ivanti Connect Secure device at the network perimeter and moved laterally into MITRE's VMware infrastructure before the zero-day vulnerabilities were discovered and reported. The organisation promptly “closed the front door” as recommended by Ivanti and the Cybersecurity and Infrastructure Security Agency (CISA), but it was too late.

In a blog post, MITRE explained that the hackers exploited the Ivanti vulnerabilities and then moved deeper into the network using a compromised administrator account. They used a combination of sophisticated backdoors and web shells to maintain persistence and obtain credentials.

The investigation into the incident is still ongoing, and MITRE sees it as a cautionary tale: even organisations with high levels of cyber defence can fall victim to sophisticated attacks.

Jason Providakes, President and CEO of MITRE, said: “No organisation is immune to these types of cyber attacks, even those that strive to maintain the highest level of cyber security.” He stressed the importance of timely reporting of incidents to act in the public interest and promote best practices.

Based on this experience, MITRE suggests the following steps to improve cybersecurity:

  • Adherence to the principle of “secure by design”. Hardware and software must be secure from the moment they are released.
  • Developing secure supply chains. The software bill of materials (SBOM) ecosystem should be leveraged to better understand potential threats that may arise in upstream software systems.
  • Implementation of a Zero Trust architecture. This means using not only multi-factor authentication, but also micro-segmentation of networks for an additional level of protection.
  • Adopting adversary engagement as a routine part of cyber defence. Regular engagement with potential adversaries is key to not only identifying but also deterring new threats.

Implementation of these strategies will allow businesses to improve their cybersecurity posture step by step on a global scale.

Sharing experiences and showcasing such cases is an important aspect of global cybersecurity, as the more we know about threats, the easier it is to fight them.
