acm-header
Sign In

Communications of the ACM

Home/News/Hacker Accessed Network of U.S. Agency, Downloaded.../Full Text
ACM TechNews

Hacker Accessed Network of U.S. Agency, Downloaded Data

By Bloomberg
September 25, 2020
Comments
View as: Print Mobile App Share:
A CISA logo.

The U.S. Cybersecurity & Infrastructure Security Agency says a hacker accessed the network of an unnamed federal agency.

Credit: Cybersecurity & Infrastructure Security Agency

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) on Thursday disclosed that an unnamed federal agency had been the victim of a cyberattack in which a hacker accessed its network.

The intruder implanted malware that avoided the agency's safeguards, and infiltrated the network by using valid access credentials for multiple users' Microsoft 365 and domain administrator accounts.

CISA said the hacker was able to browse directories, copy at least one file, and exfiltrate data.

The agency added that the hacker may have acquired the credentials by exploiting a known flaw in Pulse Secure virtual private network servers.

CISA learned of the attack through an intrusion detection system that monitors federal civilian agencies.

From Bloomberg
View Full Article

 

Abstracts Copyright © 2020 SmithBucklin, Washington, DC, USA

 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account