Tag: agency | SpinSafe

Federal Cyber Agency Offlines 2 Systems After Ivanti Hack

March 14, 2024/in Internet Security

After issuing a warning about Ivanti zero-day vulnerabilities, the federal Cybersecurity and Infrastructure Security Agency (CISA) has now suffered a pair of breaches because of the incident.

Hackers exploiting vulnerabilities in Ivanti products breached two CISA systems in February, according to Recorded Future. The agency said it immediately took those systems offline, and that no other systems were affected. A spokesperson said CISA saw “no operational impact at this time,” and “continue[s] to upgrade and modernize” its systems.

CISA has not disclosed which systems were impacted. However, Recorded Future reported that one was the Infrastructure Protection (IP) Gateway. Per CISA’s website, that gateway serves as the way that Department of Homeland Security partners access integrated IP tools, capabilities and information to conduct comprehensive critical infrastructure vulnerability assessments and other security-related business.

The other system was the Chemical Security Assessment Tool, a portal housing surveys and applications that chemical facilities must complete to help CISA assess the risks of terrorists weaponizing the chemicals they hold, as part of a lapsed federal program.

Randy Rose is senior director of security operations and intelligence at the Center for Internet Security. Stone said it was hard to imagine such an incident having an impact on local government, other than potentially making some online resources unavailable. Users of the systems who have a key contact at CISA should be able to reach out and learn about possible impacts, he said.

Lower-level governments, however, now face more risks in using Ivanti products. After the vulnerabilities were discovered, the Center for Internet Security scanned for it among lower governments, finding more than 100 devices.

The vulnerabilities are in products that have been widely used across the public and private sectors for providing secure remote connections, Rose said. This points to the importance of organizations adopting a layered approach to security and risk management, mitigating risk when one line of defense fails.

Local governments…

Source…

Ex-CIA computer engineer gets 40 years in prison for giving spy agency hacking secrets to WikiLeaks

February 6, 2024/in Computer Security

NEW YORK — A former CIA software engineer was sentenced to 40 years in prison on Thursday after his convictions for what the government described as the biggest theft of classified information in CIA history and for possession of child sexual abuse images and videos.

The bulk of the sentence imposed on Joshua Schulte, 35, in Manhattan federal court came for an embarrassing public release of a trove of CIA secrets by WikiLeaks in 2017. He has been jailed since 2018.

“We will likely never know the full extent of the damage, but I have no doubt it was massive,” Judge Jesse M. Furman said as he announced the sentence.

The so-called Vault 7 leak revealed how the CIA hacked Apple and Android smartphones in overseas spying operations, and efforts to turn internet-connected televisions into listening devices. Prior to his arrest, Schulte had helped create the hacking tools as a coder at the agency’s headquarters in Langley, Virginia.

In requesting a life sentence, Assistant U.S. Attorney David William Denton Jr. said Schulte was responsible for “the most damaging disclosures of classified information in American history.”

Given a chance to speak, Schulte complained mostly about harsh conditions at the Metropolitan Detention Center in Brooklyn, calling his cell, “My torture cage.”

But he also claimed that prosecutors had once offered him a plea deal that would have called for a 10-year prison sentence and that it was unfair of them to now seek a life term. He said he objected to the deal because he would have been required to relinquish his right to appeal.

“This is not justice the government seeks, but vengeance,” Schulte said.

Immediately afterward, the judge criticized some of Schulte’s half-hour of remarks, saying he was “blown away” by Schulte’s “complete lack or remorse and acceptance of responsibility.”

The judge said Schulte was “not driven by any sense of altruism,” but instead was “motivated by anger, spite and perceived grievance” against others at the agency who he believed had ignored his complaints about the work environment.

Furman said Schulte continued his crimes from behind bars by trying to leak more classified materials and by creating a hidden…

Source…

UK unprepared for catastrophic ransomware attack: Report – Anadolu Agency | English

December 14, 2023/in Internet Security

UK unprepared for catastrophic ransomware attack: Report Anadolu Agency | English

Source…

Ransomware attack in US: Dozens of credit unions experience outrages due to cyberattack on Trellance, federal agency says

December 3, 2023/in Internet Security

About 60 credit unions in the United States are experiencing outages because of a ransomware attack on an IT provider the institutions use, according to a federal agency.

The video above is ABC13’s 24/7 livestream.

On Friday, the National Credit Union Administration (NCUA), the agency that insures deposits at federally insured credit unions, said in a statement to ABC News that it was “coordinating with affected credit unions” in the wake of the hack.

The full extent of the outage and its impact on credit unions was unclear Friday evening. One of the affected credit unions, New York-based Mountain Valley Federal Credit Union, told CNN that technicians from the hacked IT provider were “working around the clock to get our systems” back online.

According to NCUA spokesperson Joseph Adamoli, credit unions reported that the ransomware attack, in which cybercriminals typically lock computer systems as an extortion tactic, affected a unit of Trellance, a cloud computing firm provider used by credit unions.

NCUA told ABC News that the hack occurred through a third-party vendor, FedComp, using Trellance software, which was the source of the cyberattack.

Trellance did not immediately respond to a request for comment on Friday.

“Member deposits at affected federally insured credit unions are insured by the National Credit Union Share Insurance Fund up to $250,000,” NCUA said.

The Record, a cybersecurity news publication, reported earlier on the ransomware attack.

The incident is just the latest example of how ransomware attacks have caused havoc for U.S. critical infrastructure in recent years. Hospitals, fuel pipelines, and schools have also been disrupted by the file-locking cyberattacks, prompting the Biden administration to treat ransomware as a national security crisis.

CNN writer Sean Lyngaas contributed to this report.

Source…

Tag Archive for: agency