CISA gives US federal agencies three days to fix a VPN bug under attack by a ransomware gang

CISA 要求美国联邦机构在三天内修复正遭勒索软件团伙攻击的 VPN 漏洞

A ransomware group is actively exploiting an unpatched flaw in security tools used across the U.S. federal government, prompting the U.S. cybersecurity agency CISA to order all civilian agencies to remediate the vulnerability by end of day Wednesday.

一个勒索软件团伙正在积极利用美国联邦政府所使用的安全工具中一个尚未修复的漏洞，这促使美国网络安全局（CISA）下令所有民事机构必须在周三结束前修复该漏洞。

Cybersecurity firm Check Point Software said the bug affects several of its remote access tools, firewalls, and VPNs, which act as digital gatekeepers to protect company networks from unauthorized access.

网络安全公司 Check Point Software 表示，该漏洞影响了其多款远程访问工具、防火墙和 VPN，这些产品充当着保护公司网络免受未经授权访问的数字守门人。

The company said in a separate blog post that it had confirmed the bug was being exploited by a known ransomware group called Qilin to hack into “a few dozen targeted organizations globally” that rely on the affected security tools. The hacks began on May 7 but activity began to rise last week, per Check Point.

该公司在另一篇博客文章中表示，已确认该漏洞正被一个名为 Qilin 的已知勒索软件团伙利用，以入侵全球范围内依赖这些受影响安全工具的“几十个目标组织”。据 Check Point 称，这些黑客攻击始于 5 月 7 日，但相关活动在上周开始增加。

Given the risk to the federal government’s enterprise network, CISA on Monday ordered all civilian federal agencies — such as Homeland Security, the Department of State, and the Treasury — to fix any instances where agencies are using the affected products by end of day June 11.

鉴于联邦政府企业网络面临的风险，CISA 于周一命令所有联邦民事机构（如国土安全部、国务院和财政部）在 6 月 11 日结束前，修复机构内所有使用受影响产品的实例。

The agency cited BOD 22-01, its operational guidance memo that allows it to instruct agencies to take security action when there is an active cyber threat to government networks.

该机构援引了 BOD 22-01 指令，这是一份操作指导备忘录，允许其在政府网络面临活跃的网络威胁时，指示各机构采取安全行动。