Aktuelles
Expert commentary: MITRE admits ’nation state’ attackers touched its NERVE R&D operation
April 2024 by Matt Aldridge, Principal Solutions Consultant at OpenText Security Solutions
This morning it has been reported that the security organisation MITRE had its Networked Experimentation, Research, and Virtualization Environment (NERVE) penetrated using zero-day flaws in an Ivanti virtual private network. MITRE reports it was one of many targeted by what it’s described as "a foreign nation-state threat actor." MITRE explained that its core networks were not compromised, but that the incident should serve as a call to arms for the industry and more details will be published later.
In response to this, Matt Aldridge, Principal Solutions Consultant at OpenText Cybersecurity has commented on the news discussing why this attack is a stark reminder of the pervasive threat landscape we navigate daily. Matt’s comment offers advice on what organisations need to be doing to mitigate against future cyber attacks and how to survive the current climate of rapidly rising ransomware attacks.
"The attack on security organisation MITRE is a stark reminder of the pervasive threat landscape we navigate daily. MITRE’s recognition of the breach demonstrates both the need for enhanced vigilance across all sectors and the benefits of transparent incident disclosure. It has further demonstrated why cybersecurity has to be an immediate priority and a cornerstone of risk mitigation and prevention strategies for any business. Without it, businesses will not be able to survive the current climate of rapidly rising ransomware attacks.
"Almost every organisation needs to have at least some systems providing services to the internet, and in the face of zero-day attacks there are no security controls which can block attacks 100% of the time, even when patches are installed in a timely fashion. For this reason, it is essential to be monitoring for unexpected changes in your environments, collating and correlating log data and looking for anomalies. Solutions that are built with unsupervised machine learning can help greatly with this.
"Organisations should learn from this latest breach by ensuring they’re doing everything they can to protect themselves and their data in a world where new cyber risks and dangers are evolving at compute speed. We’ve seen that increased employee flexibility around remote working practices often means increased cybersecurity risks. As a result, organisations must work with their employees to create strong cybersecurity habits so best-practice becomes second nature.
"To mitigate against cyber threats, regular education and phishing simulations are a must, and all employees and companies must stay updated with current trends. Rather than viewing data protection as a box-ticking exercise, it should be a key priority and integrated into every aspect of an organisation. Employee awareness and vigilance is the most powerful tool in the Cyber Resilience kit-bag – to boost prevention, detection and reporting of breaches."
