The US Cybersecurity and Infrastructure Security Agency (CISA) agency hacked in February 2024 through vulnerabilities in Ivanti products. In response to the security breach, the agency had to shut down two crucial systems:
A system to facilitate the sharing of cyber and physical security assessment tools among federal, state, and local officials, and a system holding information related to the security assessment of chemical facilities. These systems are called the Infrastructure Protection (IP) Gateway and the Chemical Security Assessment Tool (CSAT) respectively.
Ironically, CISA warned US organizations about attacks exploiting vulnerabilities in Ivanti software. On February 1, 2024, for the first time since its establishment, CISA ordered federal agencies to disconnect all instances of Ivanti Connect Secure and Ivanti Policy Secure products within 48 hours.
On February 29, CISA warned organizations again that threat actors are exploiting multiple vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways.
A spokesperson for CISA told CNN that the security breach did not impact the operations of the agency.
Read more about it here.