CISA broke into a US federal agency, and no one noticed for a full 5 months

erek

"The assessed agency also placed too great a reliance on known indicators of compromise (IoCs) for detecting intrusions, plus various system misconfigurations and procedural issues hindered the analysis of network activity.

CISA said the exercise demonstrated the need for FCEB agencies to apply defense-in-depth principles – multiple layers of detection and analysis measures for maximum effectiveness. Network segmentation was recommended and the red team wanted to stress the danger of over-relying on known IoCs.

It also wouldn't be a CISA communiqué without a plug for its secure-by-design push. It said that insecure software contributes to the issues faced by the target agency and re-upped its call to stamp out default passwords, provide free logging to customers, and for vendors to work with SIEM and SOAR providers to make better use of those logs."

Source: https://www.theregister.com/2024/07/12/cisa_broke_into_fed_agency/
 
I guess the silver lining is they have red teams doing this preemptively. Tbh security claims are only as good as the results of an attack/audit. Everyone touts their offering as secure until it winds up in the news.
 
Is it just me? Anything the government touches is either 1/2 baked, ineffective or inefficient.
 
It's practically anything anyone touches these days, and it gets worse with scale. When any org gets this size, it's pretty much impossible to only hire competent people.
Competent only gets you so far; big projects have big surface areas and you can’t defend it all. You can only mitigate the damage they can do once they get inside.

It’s the standard Pick 2 problem: it can be secure, it can be complete, it can be easy to use.

Anything government must be easy to use… so is it secure or is it complete?
 
One government agency provided proof that another government agency needs more money and resources. Sounds great 👍 just take my money already 💸💸
 