Agencies are on a new alert tonight from the Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency after they found advanced persistent threat actors scanning federal systems in a new way. The advisory from the two agencies lists 15 mitigation steps the FBI and CISA say agencies should take.
- Former Federal Chief Information Security Officer Brig. Gen. Gregory Touhill said bad actors have been scanning the internet for virtual private network vulnerabilities to exploit and patching is imperative for protection.
- While this set of incidents is related to Fortinet, Touhill said these bad actors can target any VPN that has not been properly patched.
- Touhill said any organization connected to the internet can fall victim to ransomware and must be postured to protect against attacks.