MITRE corporation reports cyber attack caused by exploiting Ivanti flaw

The MITRE Corporation, a nonprofit that manages federally funded research and development centers, is reported a significant cyber attack on one of its internal R&D networks - Networked Experimentation, Research, and Virtualization Environment (NERVE), a collaborative network used for research, development, and prototyping.

MITRE has engaged with federal law enforcement and its federal sponsors to investigate the attack and work towards identifying those responsible. This attack is attributed to the Chinese hacking group UNC5221. The breach involved the exploitation of zero-day vulnerabilities in the Ivanti Connect Secure appliance, which is used to provide remote network access.

The organization stressed that the compromised network was isolated from its primary business and public-facing networks, which remain secure and operational.

No details are disclosed about the impact of the attack and any compromised information or individuals.