CISA and FBI Release Joint Advisory Regarding APT Actors Chaining Vulnerabilities Against SLTT, Critical Infrastructure, and Elections Organizations

Original release date: October 9, 2020

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have released a joint cybersecurity advisory regarding advanced persistent threat (APT) actors chaining vulnerabilities—a commonly used tactic exploiting multiple vulnerabilities in the course of a single intrusion—in an attempt to compromise federal and state, local, tribal, and territorial (SLTT) government networks, critical infrastructure, and elections organizations. CISA is aware of some instances where this activity resulted in unauthorized access to elections support systems; however, CISA has no evidence to date that integrity of elections data has been compromised.

The joint cybersecurity advisory contains information on exploited vulnerabilities and recommended mitigation actions for affected organizations to pursue.

This product is provided subject to this Notification and this Privacy & Use policy.