Federal agencies have less than 24 hours to disconnect Ivanti VPN appliances due to the risk of malicious exploitation caused by multiple software flaws.
On Wednesday, U.S. cybersecurity agency CISA blasted out an updated emergency directive ordering U.S. government agencies to act "as soon as possible and no later than 11:59 PM on Friday February 2, 2024." Agencies, including the Department of Homeland Security and the Department of Justice, must disconnect all Ivanti VPN appliances because hackers may exploit the vulnerabilities and compromise agency information systems.
"The vulnerabilities in these products pose significant, unacceptable risks to the security of the federal civilian enterprise. As America’s cyber defense agency and the operational lead for federal civilian cybersecurity, we must take urgent action to reduce risks to the federal systems upon which Americans depend," said CISA Director Jen Easterly. "Even as federal agencies take urgent action in response to this Directive, we know that these risks extend to every organization and sector using these products. We strongly urge all organizations to adopt the actions outlined in this Directive."
CISA's emergency directive comes on the heels of FBI Director Christopher Wray's warning that China-backed hackers are looking to "wreak havoc" on U.S. communities.
"There has been far too little public focus on the fact that PRC [People’s Republic of China] hackers are targeting our critical infrastructure – our water treatment plants, our electrical grid, our oil and natural gas pipelines, our transportation systems. And the risk that poses to every American requires our attention now," Wray told lawmakers Wednesday at a hearing on Capitol Hill.
"China’s hackers are positioning on American infrastructure in preparation to wreak havoc and cause real-world harm to American citizens and communities, if and when China decides the time has come to strike," he added.
The FBI recently shut down an effort by Chinese hackers to infiltrate hundreds of routers to target critical infrastructure.
The hackers, known as "Volt Typhoon," used privately owned SOHO routers infected with the "KV Botnet" malware to conceal the Chinese origin of hacking activities targeting U.S. and other foreign victims, according to the Justice Department.
"The Justice Department has disrupted a PRC-backed hacking group that attempted to target America’s critical infrastructure utilizing a botnet," Attorney General Merrick B. Garland said in a statement Wednesday. "The United States will continue to dismantle malicious cyber operations – including those sponsored by foreign governments – that undermine the security of the American people."
Fox News Digital's Greg Norman contributed to this report.