I think MITRE did a very good job in writing up the details here. If I were a system or security engineer, these seem to be immediate actionable items laid out for me.
Considering the quote: "MITRE followed best practices, vendor instructions, and the government’s advice to upgrade, replace, and harden our Ivanti system, but we did not detect the lateral movement into our VMware infrastructure. At the time we believed we took all the necessary actions to mitigate the vulnerability, but these actions were clearly insufficient."
It seems like anything connected to it was fully compromised for quite some time.
It manages federally funded research and development centers (FFRDCs) supporting various U.S. government agencies in the aviation, defense, healthcare, homeland security, and cybersecurity fields.
https://en.m.wikipedia.org/wiki/Mitre_Corporation
> MITRE formed in 1958 as a military think tank, spun out from the radar and computer research at the MIT Lincoln Laboratory. Over the years, MITRE's field of study had greatly diversified. In the 1990s, with the winding down of the cold war, private companies complained that MITRE had an unfair advantage competing for civilian contracts; in 1996 this led to the civilian projects being spun off to a new company, Mitretek. Mitretek was renamed Noblis in 2007.
Such transparency should serve as a model.
https://medium.com/mitre-engenuity/advanced-cyber-threats-im...
Wonder what their time to detect was