U.S. cybersecurity agency CISA says federal government departments are not sufficiently patching to protect against an active hacking campaign targeting Cisco firewalls.
In an updated advisory published Wednesday, CISA said that it was currently "tracking active exploitation" of two security flaws in Cisco's Adaptive Security Appliance (ASA) software, which powers a range of enterprise-grade firewalls used by corporate giants and government agencies to protect their networks from malicious outsiders.
CISA said the flaws have been abused by an "advanced" but as-yet-unnamed threat actor since September, which prompted the agency to issue its third emergency directive of the year, ordering agencies to patch their affected systems.
While some federal agencies told the agency that they had patched their systems, CISA said some agencies were "still vulnerable" to the threats as outlined in the agency's directive.
The agency did not say which government departments had been compromised, but urged all agencies with affected Cisco devices to update to the latest patch version to avoid exploitation.
Last week, the Congressional Budget Office confirmed it had been hacked, allowing suspected foreign hackers to steal the agency's emails and chat logs between lawmakers' offices and the agency's researchers.
The CBO, which offers economic analysis and information to lawmakers, would not say how the hackers got in, but security researcher Kevin Beaumont found that the CBO had an affected Cisco firewall that hadn't been patched prior to the U.S. government shutdown on October 1. The CBO pulled the affected Cisco router offline shortly before disclosing the hack.


