February 1, 2024 at 05:15PM
The United States Cybersecurity and Infrastructure Security Agency (CISA) has ordered Federal Civilian Executive Branch agencies to remove Ivanti appliances from federal networks within 48 hours. The directive is a response to multiple threat actors exploiting security flaws in the appliances. Agencies are required to disconnect and rebuild the appliances, upgrade software, and report their actions to CISA.
After reviewing the meeting notes, it is clear that the United States Cybersecurity and Infrastructure Security Agency (CISA) has issued a directive requiring Federal Civilian Executive Branch agencies to take immediate action in response to critical cybersecurity vulnerabilities in Ivanti appliances.
Key takeaways from the meeting notes are as follows:
1. CISA has given agencies 48 hours to disconnect all instances of Ivanti Connect Secure and Ivanti Policy Secure products from their networks. This directive applies to federal civilian executive branch agencies, including the Department of Homeland Security, Department of Energy, Department of State, Office of Personnel Management, and the Securities and Exchange Commission.
2. Agencies are required to perform a series of tasks to secure their networks, including disconnecting the affected appliances, looking for indicators of compromise, and rebuilding and upgrading the Ivanti appliances to remove vulnerabilities and potential backdoors.
3. It is advised to assume that all services and domain accounts connected to the appliances have been compromised and to take necessary precautions, including resetting passwords, revoking certificates and tokens, and monitoring authentication and identity management services for potential exposure.
4. Agencies have specific deadlines to report the status of the steps they have taken to address the security concerns, with the final reporting deadline set for March 1, 11:59PM EST.
It is evident that the directive from CISA requires prompt and comprehensive action from the affected agencies to address the cybersecurity risks associated with Ivanti appliances.