NSA Reports Ivanti Cyberattacks Detected Targeting US Defense Industry
The U.S. National Security Agency has confirmed that hackers exploiting flaws in Ivanti’s widely used enterprise VPN appliance have targeted organizations across the U.S. defense sector.
Confirmation that the NSA is tracking these cyberattacks comes days after Mandiant reported that suspected Chinese espionage hackers have made “mass attempts” to exploit multiple vulnerabilities impacting Ivanti Connect Secure, the popular remote access VPN software used by thousands of corporations and large organizations worldwide.
Mandiant said earlier this week that the China-backed hackers tracked as a threat group it calls UNC5325 had targeted organizations across a variety of industries.
This includes the U.S. defense industrial base sector, a worldwide network of thousands of private sector organizations that provide equipment and services to the U.S. military, Mandiant said, citing earlier findings from security firm Volexity.
Akamai said in an analysis published last week that hackers are launching approximately 250,000 exploitation attempts each day and have targeted more than 1,000 customers.