Emergency Directive Issued to Combat Advanced Cyber Threats
(CNN) — On Thursday, U.S. cyber officials unveiled an “emergency directive,” compelling federal agencies to bolster their network defenses against a sophisticated cadre of hackers who have infiltrated at least one government entity in what appears to be an espionage initiative.
While government entities remain tight-lipped regarding the perpetrators, cybersecurity experts speculate that the attackers may be state-sponsored actors stemming from China. These adversaries have been taking advantage of previously unidentified vulnerabilities in Cisco software for several months.
According to Chris Butera, a senior figure at the Cybersecurity and Infrastructure Security Agency, “We are aware of hundreds of these devices [utilizing the compromised Cisco software] being employed within the federal government.”
The directive aims to elucidate the “full scope of the compromise across federal agencies,” Butera remarked.
Unit 42, a division of the cybersecurity firm Palo Alto Networks, has put forth the assertion that these malicious actors are indeed based in China.
However, myriad other hacking collectives might seek to exploit the disclosed vulnerabilities now that the issues are public and patches—critical software fixes—are accessible.
“As history has shown, once patches are made available, we can anticipate a surge in attacks as cybercriminal enterprises adeptly exploit these weaknesses,” cautioned Sam Rubin, a senior vice president at Unit 42.
The directive is set to trigger a race against time in Washington to identify the hackers and sever any compromised devices before they can inflict further harm.
Civilian agencies are mandated to update their software and report any breaches by the close of business on Friday.
A representative from Cisco indicated that the company investigated the breaches in May alongside several government agencies and subsequently uncovered three additional vulnerabilities that the attackers had been exploiting.
The company has urged its clientele to promptly update their software in light of these threats.
Simultaneously, the British government also issued a warning regarding the cyber offensive, characterizing the malevolent code utilized by the hackers as a “significant evolution” of their prior methodologies.
This alarming revelation follows closely on the heels of findings from Mandiant, a research firm under the aegis of Google, which disclosed that another cohort of alleged Chinese hackers had penetrated U.S. software developers and law firms.
This endeavor was geared toward accumulating intelligence to advantage Beijing in its ongoing trade contention with Washington. Mandiant estimated that the recovery process from these incursions could span several months.
Source link: Ktvz.com.
