Sedona Technologies Insights

Mitre's Network Hit by Ivanti Zero-Day Exploits

Written by Admin | Apr 24, 2024 9:25:15 PM

Mitre Corp. said one of its research and prototyping networks was breached in January by a nation-state-linked attacker that exploited a pair of zero-day vulnerabilities in the organization’s Ivanti remote access VPN. “We took all the recommended actions from the vendor, from the U.S. government, but they were clearly not enough,” Charles Clancy, SVP and CTO at Mitre, said Friday. “As a result, we are issuing a call to action to the industry. The threat has gotten more sophisticated, and so too must our solutions to combat that threat.”

Mitre has very close ties to the federal government and plays an essential role in US cybersecurity research. As such, we should pay close attention to the suggestion from Mitre's CTO that our solutions to combat threats must become more sophisticated and comprehensive.

What does this mean for dealers?

For dealers, this illustrates the importance of advanced cybersecurity: improving not only internal security, but also supply chain and external security strategies and processes. Most importantly, the attack on Mitre reinforces the need to deploy a Zero Trust Network Architecture. As cyber-attacks and threats get more sophisticated, in particular with the use of AI in threat creation, the need for a comprehensive security approach in today's dealer IT infrastructure can't be emphasized enough.

What should dealers do?

We recommend that dealers begin by auditing their existing privileged and user access across data, applications, systems, access points, and devices. In particular, we recommend that our clients implement a Zero Trust Network Architecture along with Privileged Access Management approaches and tools that help IT teams manage access in a turnkey way across endpoints, networks, email, and cloud-based and on-premises devices. This audit is a first step in understanding the gaps in user-based access tools (e.g., VPNs) that were clearly exploited in the Mitre case.

Once the audit is complete and gaps are identified in your cybersecurity efforts, the next step is remediating those gaps with a comprehensive suite of cybersecurity tools that deliver best-of-breed security in a cost-effective way.