A Significant Impact

The U.S. National Security Agency (NSA) has acknowledged that it is actively tracking and addressing the significant impact of cyberattacks exploiting vulnerabilities in Ivanti’s enterprise VPN appliance, mainly targeting the U.S. defense sector. This confirmation follows reports by cybersecurity firm Mandiant, which identified suspected Chinese espionage hackers making extensive attempts to exploit multiple vulnerabilities in Ivanti Connect Secure. This software is crucial for remote access VPN services used globally by numerous corporations and large organizations.

In a statement emailed to leading technology media outlet TechCrunch on March 1st, Edward Bennett, a spokesperson for the NSA, revealed that the agency, together with its interagency partners, is “tracking and aware of the broad impact from the recent exploitation of Ivanti products, to include of the [sic] U.S defense sector.”