Security News > 2020 > September > Big US election coming up, security is vital and, oh look... a federal agency just got completely pwned for real
An unspecified US government agency was hacked by a miscreant who appears to have made off with archives of information.
This is according to Uncle Sam's Cybersecurity and Infrastructure Security Agency, which on Thursday went into technical detail on how an intruder: broke into staffers' Office 365 accounts; gained access the agency's internal network via its VPN; and installed malware and exfiltrated data.
"CISA became aware - via EINSTEIN, CISA's intrusion detection system that monitors federal civilian networks - of a potential compromise of a federal agency's network," the team wrote.
"The cyber threat actor was able to overcome the agency's anti-malware protection, and inetinfo.exe escaped quarantine," CISA said.
As we don't know the name of the agency nor what info was stolen, it's hard to say just what the damage was here, though obviously it was important enough for a smart attacker to go through a number of steps to infiltrate and get persistence on the victim network.
News URL
https://go.theregister.com/feed/www.theregister.com/2020/09/25/cisa_agency_hacked/
Related news
- US warns of last-minute Iranian and Russian election influence ops (source)
- T-Mobile US 'monitoring' China's 'industry-wide attack' amid fresh security breach fears (source)
- Chinese cyberspies, Musk’s Beijing ties, labelled ‘real risk’ to US security by senator (source)
- US senators propose law to require bare minimum security standards (source)
- US reportedly mulls TP-Link router ban over national security risk (source)