Easy access to all the Government news updates

Subscribe and receive personalized news articles straight in your inbox

*By clicking "Join us now" you agree to receive emails, promotions and general messages from ExecutiveGov. In addition, you also agree to ExecutiveGov's Privacy Policy and Terms & Conditions.

x
//

CISA, FBI Issue Joint Advisory on Threat Actors Targeting Federal, State, Local IT Networks

1 min read
CISA
CISA

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have warned that advanced persistent threat actors are exploiting legacy vulnerabilities in internet-facing infrastructure devices to gain access to networks of federal and state, local, tribal and territorial government agencies.

“The commonly used tactic, known as vulnerability chaining, exploits multiple vulnerabilities in the course of a single intrusion to compromise a network or application,” the joint advisory from CISA and FBI states.

APT actors also use a privilege escalation vulnerability to obtain access to servers as well as open source tools to steal account credentials.

CISA and the bureau said the malicious cyber activity by these threat actors may pose some risk to elections data stored on government networks.

Organizations have been advised to have an “assume breach” mentality, patch systems and equipment, perform comprehensive account resets, update virtual private networks and devices, implement multifactor authentication and block public access to potentially vulnerable ports, among other measures.

CISA has recommended that network staff and administrators review internet-facing infrastructure for vulnerabilities that have or could be exploited to a similar effect.

ExecutiveGov Logo

Sign Up Now! Executive Gov provides you with Free Daily Updates and News Briefings about Cybersecurity