CISA, FBI Issue Joint Advisory on Threat Actors Targeting Federal, State, Local IT Networks

CISA, FBI Issue Joint Advisory on Threat Actors Targeting Federal, State, Local IT Networks

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have warned that advanced persistent threat actors are exploiting legacy vulnerabilities in internet-facing infrastructure devices to gain access to networks of federal and state, local, tribal and territorial government agencies.

“The commonly used tactic, known as vulnerability chaining, exploits multiple vulnerabilities in the course of a single intrusion to compromise a network or application,” the joint advisory from CISA and FBI states.

APT actors also use a privilege escalation vulnerability to obtain access to servers as well as open source tools to steal account credentials.

CISA and the bureau said the malicious cyber activity by these threat actors may pose some risk to elections data stored on government networks.

Organizations have been advised to have an “assume breach” mentality, patch systems and equipment, perform comprehensive account resets, update virtual private networks and devices, implement multifactor authentication and block public access to potentially vulnerable ports, among other measures.

CISA has recommended that network staff and administrators review internet-facing infrastructure for vulnerabilities that have or could be exploited to a similar effect.

You may also be interested in...

Huntington Ingalls

Huntington Ingalls Board Elects Kari Wilkinson as EVP, Shipbuilding Division President

Huntington Ingalls Industries’ (HII) Board of Directors has elected Kari Wilkinson, Ingalls’ vice president, program management, to serve as executive vice president of HII and president of the Shipbuilding division, effective April 1st. She will succeed Brian Cuccias, who will retire in April. Wilkinson will report to HII executive vice president and chief operating officer Chris Kastner