Pulse Secure VPN

2021: US government hacking due to vulnerability in Pulse Secure VPN hardware

According to the report of the IB company FireEye, published at the end of April 2021, many US government agencies, defense companies and financial institutions in the United States and Europe were attacked by hackers through vulnerability in VPN equipment.

The report emphasizes that hackers repeatedly used several known vulnerabilities and one recently discovered "hole" in Pulse Secure VPN. Experts discovered the attacks in early 2021, and the developers of Pulse Secure VPN have already confirmed the statements of the researchers.

FireEye Vice President Charles Karamakala noted that the attackers who attacked Pulse Secure VPN are "extremely sophisticated and used the access obtained to steal credentials and other sensitive data belonging to the victim organizations."

Many US authorities hacked through vulnerability in Pulse Secure VPN hardware

The FireEye claims that some of the attacks were recorded back in August 2020. Researchers suggest that the group that organizes these attacks could work for the Chinese government.

The Pulse Secure VPN team provided its customers with recommendations for action in the event of hacker attacks, as well as protection against them. In connection with the attacks, the US Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive demanding that government agencies apply measures to prevent the exploitation of vulnerability, in particular, using the Pulse Connect Secure Integrity tool to verify the verification and protection of systems.

Pulse Secure said that the newly discovered vulnerability affects "a very limited number of customers" and that a full software update will be released in early May 2021 to address this vulnerability. Software fixes for other vulnerabilities already exist.^[1]

Notes