Norwegian security officials have issued a warning to approximately 20 critical infrastructure companies, businesses, and public agencies in the country, alerting them that they may be at risk of a cyberattack similar to the one that targeted 12 government ministries earlier this week.
The vulnerability in Ivanti’s management software, which has recently been discovered and is being exploited by unknown hackers, presents a significant threat, according to Sofie Nystrøm, the Director General of the Norwegian National Security Authority.
Ivanti has released a patch for the zero-day vulnerability, which affects a tool used to set policies for mobile devices and applications. However, companies and agencies that have not applied the patch remain at risk, warns Nystrøm.
The main concern at present is the initial compromise of victims and the potential vulnerability of Norwegian infrastructure, states Nystrøm.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has also issued a security alert about the Ivanti vulnerability, as the company is based in the U.S. Nystrøm confirms that Norway’s national security agency has informed CISA of the situation.
As a result of the cyberattack, email and other mobile services have been temporarily suspended in the 12 affected Norwegian ministries. However, employees are still able to work using computers, according to a notice on the government’s website.
If organizations are unable to patch the Ivanti flaw, the Norwegian security agency advises taking the software offline. Additionally, efforts are underway to communicate with companies that use the software and investigate any potential impact on their customers.
Ivanti became aware of the vulnerability late last week and has confirmed that a limited number of customers have been affected. The company chose to provide customers with sufficient time to install patches before making the vulnerability public.
Given the increasing exploitation of zero-day vulnerabilities, Nystrøm believes this will be a focal point for threat actors in the future.
Details of the ongoing investigation into the Ivanti cyberattacks by Norwegian law enforcement authorities have not been disclosed publicly.
The Cl0p ransomware group has claimed responsibility for exploiting a zero-day vulnerability in Progress Software’s file-sharing software called MoveIt, which was disclosed in May and affected numerous companies, including Shell and the U.S. Department of Energy. Progress Software promptly issued patches for the vulnerability.
Nystrøm expresses satisfaction with Ivanti’s response to the zero-day incident. She emphasizes the need for strong defenses from cybersecurity agencies and corporate security teams, as well as improved security measures by technology providers before their products are released. Nystrøm suggests that implementing cybersecurity certification requirements prior to product launches could be beneficial.
For further information, contact Catherine Stupp at [email protected].
Copyright ©2022 Dow Jones & Company, Inc. All Rights Reserved. 87990cbe856818d5eddac44c7b1cdeb8
Denial of responsibility! VigourTimes is an automatic aggregator of Global media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, and all materials to their authors. For any complaint, please reach us at – [email protected]. We will take necessary action within 24 hours.