MITRE defines NERVE as “an unclassified collaborative network that provides storage, computing, and networking resources.”
However, the company’s CEO Providakes clarified that “there is no indication that MITRE’s core enterprise network or partners’ systems were affected by this incident.”
Upon detection of the breach, the company said it took swift and comprehensive action, including “taking the NERVE environment offline,” and launched an investigation with the help of in-house and third-party experts. “MITRE followed best practices, vendor instructions, and the government’s advice to upgrade, replace, and harden our Ivanti system, but we did not detect the lateral movement into our VMware infrastructure. At the time we believed we took all the necessary actions to mitigate the vulnerability, but these actions were clearly insufficient,” the company added in the blog post.
“We quickly closed the front door after the Ivanti and CISA advisories, but the back door was already open,” MITRE’s CTO Charles Clancy said in a LinkedIn post.
Rising menace of nation-state cyberattacks
In recent times, there has been a surge in foreign nation-state cyberattacks across the globe. The actors behind such attacks, as BAE Systems put it, have a “license to hack.” “They work for a government to disrupt or compromise target governments, organizations or individuals to gain access to valuable data or intelligence, and can create incidents that have international significance,” the company said.
According to the US Cybersecurity and Infrastructure Security Agency (CISA), “sophisticated cyber actors and nation-states exploit vulnerabilities to steal information and money and are developing capabilities to disrupt, destroy, or threaten the delivery of essential services.”