MITRE breached: Hackers infiltrated R&D network with Ivanti zero-day exploits

April 22, 2024

TLDR:

  • The MITRE Corporation experienced a cyber attack on its internal research and development network.
  • The attack was initiated by the UNC5221 group from China and compromised the Ivanti Connect Secure appliance.

The MITRE Corporation recently disclosed that it had experienced a cyber attack on one of its internal research and development networks. The attack, believed to have been initiated by the UNC5221 group from China, was detected by MITRE’s cybersecurity team. The attackers compromised the Ivanti Connect Secure appliance, which provides connectivity to the organization’s trusted networks. Over 2,100 Ivanti appliances were backdoored by the Chinese hackers to collect account and session data from infiltrated networks, including those of Fortune 500 corporations.

MITRE reassured its customers and the public that the compromised network was separate from its business and public-facing networks, which remained fully operational and secure. The organization is working closely with federal law enforcement agencies and its sponsors to investigate the attack and address any concerns. MITRE’s president and CEO, Jason Providakes, emphasized the importance of maintaining high cybersecurity standards and continuously improving defenses against cyber threats.

Despite the attack, MITRE remains committed to sharing relevant findings with the cybersecurity community to prevent similar incidents in the future. The organization continues to investigate the incident, strengthen its defenses, and restore operational alternatives for collaboration in a secure manner.
