Governance & Risk Management , Network Firewalls, Network Access Control , Patch Management
US CISA Continues to Struggle After Major Ivanti VPN Hack
Thomas Pace Discusses Potential Long-Term Impact of Ivanti VulnerabilitiesThe Cybersecurity and Infrastructure Security Agency is grappling with the aftereffects of significant flaws and a major hacking incident involving vulnerable Ivanti VPN devices, which allowed threat actors to exploit multiple gateways crucial to the U.S. cyber defense agency.
See Also: Corelight's Brian Dye on NDR's Role in Defeating Ransomware
CISA has since confirmed that the hack affected systems linked to both the Infrastructure Protection Gateway, which stores security assessments of critical infrastructure, and the Chemical Security Assessment Tool, which houses private sector chemical security plans (see: Hackers Compromised Ivanti Devices Used by CISA).
"The hardest problem to address is the breadth of what has been compromised," said Thomas Pace, former head of cybersecurity for the Department of Energy and CEO of XIot Security firm NetRise.
In this video interview with Information Security Media Group, Pace discussed:
- How hackers exploited vulnerabilities found in Ivanti products to access federal networks.
- What security patches and forensic work are required in order to better understand the full extent of the impact of the hacking incident.
- Why federal agencies and private sector organizations need to take more steps to protect themselves from vulnerabilities found in third-party software providers.
Pace is the former head of ICS security for the Department of Energy. He previously served in the U.S. Marine Corps and as global vice president for Cylance. He has worked on hundreds of security incidents worldwide and regularly shares his expertise at security conferences, including Black Hat and RSA.