Alejandro Mayorkas, secretary of the Department of Homeland Security and a previous Wash100 awardee, said the suspected Iranian government-sponsored advanced persistent threat activity revealed by the Cybersecurity and Infrastructure Security Agency and the FBI can be considered a major cyber incident.
Mayorkas was responding to Sen. Rob Portman, R-Ohio, ranking member of the Senate Homeland Security and Governmental Affairs Committee, when asked if the identified APT activity would be considered under the Federal Information Security Modernization Act reauthorization, HSGAC said Thursday.
In a hearing held a day after the cybersecurity advisory was released, Portman questioned Mayorkas regarding the identity of the compromised federal civilian executive branch organization and whether the cyber threat actors have been removed from the federal networks.
Mayorkas declined to provide any further detail about the reported incident.
CISA holds that the Iranian government exploited the Log4Shell remote code execution vulnerability to install crypto mining software.