Ivanti devices vulnerable, Fulton County GA cyberattack
By John Bruggeman, virtual Chief Information Security Officer
Ivanti Policy Secure (IPS) and Ivanti Connect Secure (ICS) have zero-day vulnerabilities
Ivanti has not had a good month. January started with Ivanti disclosing two zero-day vulnerabilities on their VPN gateways (Ivanti Policy Secure and Connect Secure).
The vulnerabilities are so bad that DHS and CISA issued an emergency directive on January 19 requiring all federal agencies and cloud service providers (CSPs) that maintain federal information to patch or mitigate these vulnerabilities by January 22. The Canadian Centre for Cyber Security issued an advisory on January 31.
A three-day turnaround is quick, and it needed to be because these vulnerabilities were being actively exploited. As the month went on, Ivanti discovered more vulnerabilities and released additional patches for their products.
What can be done to prevent this?
This is a case of staying on top of patches and knowing what devices you have deployed. Patch management and asset inventory are particularly critical for your external-facing assets, like remote access solutions (such as VPNs).
A good managed vulnerability and patch management solution from OnX Canada is one way to stay on top of critical patches like these to reduce risk and keep your data and systems secure.
What to do?
You must have a patch management solution in place and an inventory of all your external-facing devices. If you have questions, let me know.
You can read more about these Ivanti patches here.
Fulton County, GA, cyberattack
Fulton County, the most populated county in Georgia and where the City of Atlanta is located, announced Monday that it was dealing with a cybersecurity incident. The incident is impacting multiple county offices, including the tax offices, license bureau, the court system, library branches, and phone service for county officials.
The details of this attack are not fully known yet, but this attack is additional evidence that state and local governments in the U.S. and Canada are targets of ransomware gangs. The court systems in Kansas, Wisconsin, Alaska, Texas, and others have been the target of ransomware gangs for the past two to three years, and that trend is not slowing down.
What to do?
If you work in local, county, provincial, or state governments, dig in and find out how you secure your data. Do you have a good backup solution, one that can defend against a ransomware attack? Are you using a 1-2-3 backup strategy? Do they know what that is?
OnX offers Backup as a Service, and these services can save an organization hours to days of recovery time and help ensure that they do not have to pay the ransom if they are attacked.
To read more about the Fulton County attack, you can check out this link from Recorded Future.
About the author
John Bruggeman is a veteran technologist, CTO, and CISO with nearly 30 years of experience building and running enterprise IT and shepherding information security programs toward maturity. He helps companies, boards, and C-level committees improve and develop their cybersecurity programs, create risk registers, and implement compliance controls using industry-standard frameworks like CIS, NIST, and ISO.