Federal Agencies Told to Act Quickly to Turn Back Cyberthreat

May 18, 2022 by Dan McCue
Federal Agencies Told to Act Quickly to Turn Back Cyberthreat

WASHINGTON — The entity charged with protecting federal agencies from bad cyber actors issued a rare emergency directive Thursday, warning they should quickly take steps to protect themselves from vulnerabilities found in VMware.

VMware is a cloud computing and virtualization technology company headquartered in Palo Alto, California. It is primarily known for creating a platform for the virtualization of IT infrastructure as an alternative to having dedicated hosts.

According to the Cybersecurity and Infrastructure Security Agency, vulnerabilities found in five of the company’s products: VMware Workspace ONE Access (Access), VMware Identity Manager (vIDM), VMware vRealize Automation (vRA), VMware Cloud Foundation, and vRealize Suite Lifecycle Manager (vRSLCM) have placed federal networks and systems at immediate risk of a cyber intrusion.

It goes on to say the problem is a vulnerability that permits attackers to gain deep access into computer systems without the need to authenticate. 

“These vulnerabilities pose an unacceptable risk to federal network security,” said CISA Director Jen Easterly in a written statement. 

“CISA has issued this Emergency Directive to ensure that federal civilian agencies take urgent action to protect their networks. We also strongly urge every organization — large and small — to follow the federal government’s lead and take similar steps to safeguard their networks.”

The federal civilian executive branch agencies to whom the warning applies include every executive branch department — Energy, Commerce, Homeland Security, Treasury, Transportation, etc. — as well as “smaller” agencies like the board of governors of the Federal Reserve, the Federal Trade Commission, the National Transportation Safety Board, the Environmental Protection Agency and the Nuclear Regulatory Commission.

Even the Peace Corps could be vulnerable to the threat.

On its website CISA said VMware first discovered new vulnerabilities in early April and released an update to address the problem.

Unfortunately, the agency said, “threat actors were able to reverse engineer the update and begin exploitation of impacted VMware products that remained unpatched within 48 hours of the update’s release.”

Earlier today, VMware released an update for two new vulnerabilities. 

“Based on the above, CISA expects threat actors to quickly develop a capability to exploit these newly released vulnerabilities in the same impacted VMware products,” the agency said. “Exploiting the above vulnerabilities permits attackers to trigger a server-side template injection that may result in remote code execution; escalate privileges to ‘root’; and obtain administrative access without the need to authenticate.

“CISA has determined that these vulnerabilities pose an unacceptable risk … and require emergency action,” the agency said.

Dan can be reached at [email protected] and @DanMcCue

A+
a-
  • cyber intrusion
  • cybercrime
  • Cybersecurity and Infrastructure Agency
  • federal agencies
  • VMware
  • In The News

    Health

    Voting

    Cybersecurity

    April 29, 2025
    by Tom Ramstack
    FBI Reports Sharp Increase in American Cybercrime Victims

    WASHINGTON — The FBI’s new Internet Crime Report released last week shows Americans lost $16.6 billion to cybercrime in 2024... Read More

    WASHINGTON — The FBI’s new Internet Crime Report released last week shows Americans lost $16.6 billion to cybercrime in 2024 despite an intensified government effort to stop it. The losses were up by one-third from a year earlier.  Fraud was the most common crime, particularly among... Read More

    December 31, 2024
    by Tom Ramstack
    Chinese Accused of Hacking US Treasury Dept. Computers

    WASHINGTON — A Chinese intelligence agency recently hacked the workstations and unclassified documents of the U.S. Treasury Department, the Biden... Read More

    WASHINGTON — A Chinese intelligence agency recently hacked the workstations and unclassified documents of the U.S. Treasury Department, the Biden administration announced Monday. The hack attack is one of several Chinese-sponsored incidents the U.S. Cybersecurity and Infrastructure Security Agency says have compromised the data privacy of... Read More

    The US and Microsoft Disrupt a Russian Hacking Group Targeting American Officials and Nonprofits

    WASHINGTON (AP) — A hacking group tied to Russian intelligence tried to worm its way into the systems of dozens... Read More

    WASHINGTON (AP) — A hacking group tied to Russian intelligence tried to worm its way into the systems of dozens of Western think tanks, journalists and former military and intelligence officials, Microsoft and U.S. authorities said Thursday. The group, known as Star Blizzard to cyberespionage experts,... Read More

    Americans Reporting Nationwide Cellular Outages From AT&T, Cricket Wireless and Others

    A number of Americans are dealing with cellular outages on AT&T, Cricket Wireless, Verizon, T-Mobile and other service providers, according... Read More

    A number of Americans are dealing with cellular outages on AT&T, Cricket Wireless, Verizon, T-Mobile and other service providers, according to data from Downdetector. AT&T had more than 73,000 outages around 9:30 a.m. ET, in locations including Houston, Atlanta and Chicago. The outages began at approximately... Read More

    States and Congress Wrestle With Cybersecurity at Water Utilities Amid Renewed Federal Warnings

    HARRISBURG, Pa. (AP) — The tiny Aliquippa water authority in western Pennsylvania was perhaps the least-suspecting victim of an international... Read More

    HARRISBURG, Pa. (AP) — The tiny Aliquippa water authority in western Pennsylvania was perhaps the least-suspecting victim of an international cyberattack. It had never had outside help in protecting its systems from a cyberattack, either at its existing plant that dates to the 1930s or the... Read More

    December 6, 2023
    by Dan McCue
    HHS Unveils Next Steps to Enhance Cybersecurity of Health Care Records

    WASHINGTON — The bad guys in cyberspace want your health care records.  Between 2018 and 2022, there was a 93%... Read More

    WASHINGTON — The bad guys in cyberspace want your health care records.  Between 2018 and 2022, there was a 93% increase in large breaches in the health care sector, with a 278% increase in large breaches involving ransomware, according to the Department of Health and Human... Read More

    News From The Well
    scroll top