In mid-April, a cyber spy attack became known in the United States, which is now larger than initially thought. According to the US media, hackers backed by the Chinese government were vulnerable to Pulse Connect Secure VPN devices (Now owned by Ivanthi) Used to access computers in major US facilities.
Like the Associated Press (AP) now reports, The attackers targeted American telecommunications company Verizon, the nation’s largest water authority, and the Southern California metropolitan water district. In early June, it was reported that the subway system of New York City, the country’s largest city, had also been attacked.
Cyber Security and Infrastructure Security Agency (Sisa) The U.S. Department of Homeland Security issued a warning about the Pulse hack in April, stating that “many U.S. government agencies, major infrastructure companies and other private sector companies have been compromised.” At least five federal agencies recognized signs of unauthorized access. The CISA did not say which officers these were. In all cases, victims used Pulse VPN software for secure network access.
Pulse Connect Secure Equipment is not new, IT security provider Ten Had already warned in January. In mid-April, Pulse Secure announced that foreign attackers were targeting three known vulnerabilities: CVE-2019-11510, CVE-2020- 8243 and CVE-2020-8260, as well as the newly discovered, critical zero-day vulnerability (CVE-2021-) to avoid accreditation. 22893).
The culprits are currently targeting central infrastructure, as Denable Research Engineering Manager Scott Cavesa wrote in a press release. The attackers are increasingly aiming to gain access to private networks through vulnerabilities in the VPN software. That’s why pasting and securing business-complex devices should continue to be a priority and require regular monitoring.
As for the US attacks, it is not yet clear what important information was leaked. However, experts believe that it is fundamentally worrying that hackers have been able to gain access to even the networks of important infrastructure facilities. Data that can be stolen may be of interest to other countries for business reasons, but above all for national security reasons.
Although Pulse Secure Hack has largely gone unnoticed, large-scale ransomware attacks have made headlines recently Attack on the Colonial Pipeline In May 2021. A digital attack on one of America’s most important oil pipelines has led to dramatic disruptions at several gas stations. Englishman The BBC reportedThe attack took place via the ransomware “Darkside”, apparently a Russian hacker gang behind it. The attackers stole about 100 gigabytes of data and confiscated $ 4.4 million in ransom paid in Bitcoin (see video).
The U.S. government is still investigating those started by Russian Internet spies Solar Winds-Hacking-CompaqneIn addition, CIA and NSA investigations have linked a Russian intelligence service to the allegations. Dozens of private sector companies and at least nine U.S. government agencies have infiltrated, and the attack lasted until most of 2020. (HV)
“Amateur coffee fan. Travel guru. Subtly charming zombie maven. Incurable reader. Web fanatic.”