Tag Archives: virtual private network

The House Oversight and Reform Committee and heads of its subcommittees asked interim and current inspectors general of the U.S. intelligence community, the Department of Defense and eight other federal agencies to assess vulnerabilities related to the use of remote-access software to support telework during the COVID-19 pandemic for inclusion in their fiscal year 2021 cybersecurity evaluation. 

The Cybersecurity and Infrastructure Security Agency (CISA) has identified a malware dubbed Supernova used by advanced persistent threat actors to compromise an organization’s enterprise network through a Pulse Secure virtual private network device. Hackers use Supernova to conduct reconnaissance and domain mapping and steal credentials and sensitive data.

The Cybersecurity and Infrastructure Security Agency (CISA) has released an alert stating that a cyber threat actor has compromised a number of government agencies, critical infrastructure and organizations in the private sector since “June 2020 or earlier” using vulnerabilities in Ivanti’s Pulse Connect Secure virtual private network products.

The National Institute of Standards and Technology (NIST) has issued a draft special publication that seeks to demonstrate how organizations can use standards-based, commercially available products to help meet their privacy and security needs as they adopt the bring your own device practice. Public comments on the draft practice guide are due May 3rd.

Vice Adm. Nancy Norton, director of the Defense Information Systems Agency (DISA) and Wash100 awardee, has said the agency is working to “isolate” suspicious activities in a cloud environment to support remote work operations, DOD News reported Thursday. "Our primary goal is to preserve and protect the ability of our workforce to conduct mission central operations that we support on national defense and current worldwide military missions," she said.

Chi Kang, deputy director for operations at the National Oceanic and Atmospheric Administration’s (NOAA) cybersecurity division, has said that segmentation and software-defined, wide-area networking (SD-WAN) can support the implementation of zero-trust concepts. Kang said that SD-WAN has the capacity to ensure visibility and control across disparate networks and multiple endpoints.

Christopher Krebs, director of the Cybersecurity and Infrastructure Security Agency (CISA) and a 2020 Wash100 awardee, said agencies transitioning to the cloud to support telework should consolidate and increase investments in security tools to better manage cyber threats.

The U.S. Air Force (USAF) has detected a surge of cyber threats following its implementation of telework across the service branch, C4ISRnet reported Monday.

The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency will release interim Trusted Internet Connections 3.0 guidance to mitigate network-related challenges as more federal employees telework due to the coronavirus pandemic, Federal News Network reported Friday.

Suzette Kent, federal chief information officer and a 2020 Wash100 award winner, said agency CIOs, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency and industry partners are ramping up efforts to meet the information technology demand among teleworkers and carry out missions amid the COVID-19 pandemic, Federal News Network reported Thursday.