Home / Technology / Hackers Exploit Ivanti VPN Flaw, Breach 119 Orgs
Hackers Exploit Ivanti VPN Flaw, Breach 119 Orgs
23 Feb
Summary
- Hackers exploited a secret backdoor in Ivanti's VPN software.
- The breach compromised 119 other organizations using the same product.
- Private equity acquisitions and cost-cutting may have compromised security.
In February 2021, software giant Ivanti detected a significant security incident where Chinese hackers exploited a secret backdoor in its Pulse Secure VPN software. This vulnerability allowed attackers to access the networks of 119 other organizations that utilized the same VPN product.
Mandiant, a cybersecurity firm, had alerted Ivanti to the breaches, noting that European and U.S. military contractors were targeted. This incident is part of a pattern where acquisitions by private equity firms, such as Clearlake Capital Group's 2017 acquisition of Ivanti, and subsequent cost-cutting measures, including layoffs in 2022, have been linked to compromised product security.
Ivanti's VPN products have been implicated in other major attacks. In early 2024, U.S. federal agencies were ordered to disconnect their Ivanti VPN appliances due to actively exploited, unknown vulnerabilities. The company had also warned customers in the previous year about a critical flaw in its Connect Secure product being used for corporate hacks.
