Posted on 02/02/2024 7:52:47 AM PST by bitt
Federal agencies have less than 24 hours to disconnect Ivanti VPN appliances due to the risk of malicious exploitation caused by multiple software flaws.
On Wednesday, U.S. cybersecurity agency CISA blasted out an updated emergency directive ordering U.S. government agencies to act "as soon as possible and no later than 11:59 PM on Friday February 2, 2024." Agencies, including the Department of Homeland Security and the Department of Justice, must disconnect all Ivanti VPN appliances because hackers may exploit the vulnerabilities and compromise agency information systems.
"The vulnerabilities in these products pose significant, unacceptable risks to the security of the federal civilian enterprise. As America’s cyber defense agency and the operational lead for federal civilian cybersecurity, we must take urgent action to reduce risks to the federal systems upon which Americans depend," said CISA Director Jen Easterly. "Even as federal agencies take urgent action in response to this Directive, we know that these risks extend to every organization and sector using these products. We strongly urge all organizations to adopt the actions outlined in this Directive."
CHINESE HACKERS PREPARING TO ‘WREAK HAVOC’ ON AMERICAN CITIZENS, COMMUNITIES, FBI DIRECTOR WARNS
CISA's emergency directive comes on the heels of FBI Director Christopher Wray's warning that China-backed hackers are looking to "wreak havoc" on U.S. communities.
"There has been far too little public focus on the fact that PRC [People’s Republic of China] hackers are targeting our critical infrastructure – our water treatment plants, our electrical grid, our oil and natural gas pipelines, our transportation systems. And the risk that poses to every American requires our attention now," Wray told lawmakers Wednesday at a hearing on Capitol Hill.
CHINESE HACKERS OUTNUMBER FBI CYBER PERSONNEL ‘BY AT LEAST 50 TO 1,’ WRAY TESTIFIES
"China’s hackers are positioning on American infrastructure in preparation to wreak
(Excerpt) Read more at foxnews.com ...
p
FBI Director Christopher Wray’s warning that China-backed hackers are looking to “wreak havoc” on U.S. communities. Uh...duh!!! That guy sure earns his pay.
* tens of thousands of young Chinese males streaming over the non-existent southern “border”
* TikTok
* Huawei wireless equipment compromised
* Ivanti VPN appliances compromised
* Chinese “police stations” in US cities
* Chinese spy balloon gently floats over our most secret military installations
* China buying up all the natural gas reserves in Iraq after we spent a trillion dollars there
I’m sure I missed a bunch.
Havoc isn’t even close to what this is doing to NMCI/Flankspeed. Rumor is it will be MONTHS to get fully back online.
I don’t know why Wray is worried about this since Right Wing Extremist Terrorism is the real threat to our country.
Why is Wrong Wray involved with this at all? FBI has no responsibility for government electronic security. As the article notes, CISA is the responsible party for government and USAF is responsible for military network security.
“There has been far too little public focus on the fact that PRC [People's Republic of China] hackers are targeting our critical infrastructure.”
Chris, if your department would stop falsifying and then relying on those falsified documents, blocking investigations into the Jan 6 “bomber” you knew did it, stop illegally entrapping people and focusing on Conservative Catholics and White Conservatives as the #1 threat to the US, maybe we all could appreciate the Chinese threat you claim is there.
As it is, you and the FBI have so many unaddressed examples of corruption, including lying about Hunter Biden's laptop and so much more, that you should really just publicly stand and take a bow for ripping apart our country, instead of clamoring for anyone to care about saving it.
Be proud of your evil doings, Chris. This was your goal, after all.
FYI
Never used one before, mainly because I never use public WiFi systems.
I have used Microsoft products and McAfee for 25 years, and I have never been hacked.
May my good fortune continue for another 25 years!
Using public wi-fi isn’t the only reason to use a VPN. If you use one at home, your ISP no longer can provide a list of every site you visit and when. All they can see is you connected to your VPN host.
Of course, if the feddies being able to buy or demand your activity list doesn’t bother you, don’t bother. Of course, you might be flagged as ‘undesirable’ or put on a no-travel list at the airport if the commies don’t like you visiting any sites they claim are ‘disinformation’ sites. Such as FR.
What is the cost of a VPN?
Varies based on which you choose to use. Can be had for 10-12 bucks a month. Or more. Or less.
Kind of disturbing that a VPN company seems to be doing harm while it’s supposed to protect the client. Good question about the Fuds being all over it. We know they want back door codes into everything they can, Constitution be damned.
thanks ... that’s kinda cheap .... any suggestions on a good choice ...
Doing really good security correctly is HARD. It's like sealing a building against flood leaks -- it only takes one weak point and the water gets in.
Even if the VPN manufacturer is 100% honest and reliable, it's software, and mistakes happen. Air-tight Q.A. helps, but is expensive. Most security software has vulnerabilities even after many releases to "fix bugs".
When you add in the very high probability of corruption, compromise, etc. from bad actors, it's amazing that anything is secure at all.
You might give these a look:
https://www.cnet.com/tech/services-and-software/best-vpn/
Just depends on your needs. Whether you travel, what features you prefer, etc. This give an overview to compare.
Thank you.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.