For the past several weeks the Cybersecurity and Infrastructure Security Agency has been working to determine the extent of the problem and help agencies secure their systems, asking them to run “integrity tools” to investigate potential compromises is.
“CISA is aware of at least five federal civilian agencies that have run the Pulse Connect Secure Integrity tool and identified signs of possible unauthorized access,” CyberSpecific Deputy Executive Assistant Matt Hartman said in a statement.
“We are working with each agency to find out whether an intrusion has taken place and will have incident response support accordingly,” he said.
CNN reported last week that the CISA has identified 24 federal civilian agencies that use Pulse Connect Secure Devices, but it was not yet known whether the agencies were compromised.
A week after CISA issued a rare “emergency directive”, a search for potential violations issued a short “emergency directive”, allowing all federal civilian agencies to determine how many products they had, including “integrity tools.” Run, install the update and submit a report to CISA. Emergency instructions are used when agency systems have a high probability of agreement.
According to a CISA spokesperson, since March 31, CISA has been helping a number of organizations whose vulnerable Pulse Connect Secure Products have been exploited by cyber cyber actors.
The US government has not yet determined responsibility for the hack.
He also said there is no “indiscriminate targeting” similar to the Microsoft Exchange Server campaign, where “various plagues” compromised thousands of servers, he said.