Comment: Hacker Groups Chain VPN And Windows Bugs To Attack US Government Networks

It has been reported that hackers have gained access to US government networks by combining VPN and Windows bugs, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) said in a joint security alert recently published. Attacks have targeted federal and state, local, tribal, and territorial (SLTT) government networks. Attacks against non-government networks have also been detected, the two agencies said. “CISA is aware of some instances where this activity resulted in unauthorized access to elections support systems; however, CISA has no evidence to date that integrity of elections data has been compromised,” the security alert reads.

Full story here: https://www.zdnet.com/article/hacker-groups-chain-vpn-and-windows-bugs-to-attack-us-government-networks/

Experts Comments

October 14, 2020
Hugo van Den Toorn
Manager, Offensive Security
Outpost24
This is typical behavior when new vulnerabilities and public exploits surface, underlining the importance of proper asset & vulnerability management and patch management. You can safely assume whenever a new vulnerability becomes publicly known, that a race starts to whomever can find a stable exploit and potentially chain it in further attacks. This goes for both the information security community, as well as adversarial hackers. The main difference is their motivation, to either disclose.....Read More
This is typical behavior when new vulnerabilities and public exploits surface, underlining the importance of proper asset & vulnerability management and patch management. You can safely assume whenever a new vulnerability becomes publicly known, that a race starts to whomever can find a stable exploit and potentially chain it in further attacks. This goes for both the information security community, as well as adversarial hackers. The main difference is their motivation, to either disclose something and help expedite solutions or to weaponize and exploit as many victims as possible in the shortest amount of time. Once an initial foothold is gained by adversaries, they want to try and elevate their privileges as quickly as possible. By chaining vulnerabilities such as the VPN vulnerabilities (gaining access) and the Zerologon vulnerability (elevating privileges) adversaries can go through the entire attack lifecycle in an efficiently automated fashion.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Share on facebook
Share on twitter
Share on linkedin

Recent Posts

Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics

Twitter Facebook-f Linkedin Youtube

Working With Us

The Pages

Our Contributing Experts