US Federal Agencies Hacked Using Legitimate Remote Desktop Tools

The U.S. government's cybersecurity agency has warned that criminal financially motivated hackers compromised federal agencies using legitimate remote desktop software. From a report: CISA said in a joint advisory with the National Security Agency on Wednesday that it had identified a "widespread cyber campaign involving the malicious use of legitimate remote monitoring and management (RMM) software" that had targeted multiple federal civilian executive branch agencies -- known as FCEBs -- a list that includes Homeland Security, the Treasury, and the Justice Department. CISA said it first identified suspected malicious activity on two FCEB systems in October while conducting a retrospective analysis using Einstein, a government-operated intrusion detection system used for protecting federal civilian agency networks. Further analysis led to the conclusion that many other government networks were also affected.

Read more of this story at Slashdot.