Home → News → Hacker Accessed Network of U.S. Agency, Downloaded... → Full Text

Hacker Accessed Network of U.S. Agency, Downloaded Data

By Bloomberg

September 25, 2020

[article image]

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) on Thursday disclosed that an unnamed federal agency had been the victim of a cyberattack in which a hacker accessed its network.

The intruder implanted malware that avoided the agency's safeguards, and infiltrated the network by using valid access credentials for multiple users' Microsoft 365 and domain administrator accounts.

CISA said the hacker was able to browse directories, copy at least one file, and exfiltrate data.

The agency added that the hacker may have acquired the credentials by exploiting a known flaw in Pulse Secure virtual private network servers.

CISA learned of the attack through an intrusion detection system that monitors federal civilian agencies.

From Bloomberg
View Full Article


Abstracts Copyright © 2020 SmithBucklin, Washington, DC, USA


No entries found