MITRE Response to Cyber Attack in One of Its R&D Networks

To offer learnings from its experience, MITRE has published initial details about the incident via the Center for Threat-Informed Defense, found here.

McLean, Va., April 19, 2024 – MITRE today disclosed that despite its fervent commitment to safeguarding its digital assets, it experienced a breach that underscores the nature of modern cyber threats. After detecting suspicious activity on its Networked Experimentation, Research, and Virtualization Environment (NERVE), a collaborative network used for research, development, and prototyping, compromise by a foreign nation-state threat actor was confirmed.

Following detection of the incident, MITRE took prompt action to contain the incident, including taking the NERVE environment offline, and quickly launched an investigation with the support of in-house and leading third-party experts. The investigation is ongoing, including to determine the scope of information that may be involved. 

MITRE has contacted authorities and notified affected parties and is working to restore operational alternatives for collaboration in an expedited and secure manner. 

“No organization is immune from this type of cyber attack, not even one that strives to maintain the highest cybersecurity possible,” said Jason Providakes, president and CEO, MITRE. “We are disclosing this incident in a timely manner because of our commitment to operate in the public interest and to advocate for best practices that enhance enterprise security as well necessary measures to improve the industry’s current cyber defense posture. The threats and cyber attacks are becoming more sophisticated and require increased vigilance and defense approaches. As we have previously, we will share our learnings from this experience to help others and evolve our own practices.”

NERVE is an unclassified collaborative network that provides storage, computing, and networking resources. Based on our investigation to date, there is no indication that MITRE’s core enterprise network or partners’ systems were affected by this incident.

As part of our cybersecurity research in the public interest, MITRE has a 50-plus-year history of developing standards and tools used by the broad cybersecurity community. With frameworks like ATT&CK®, Engage™, D3FEND™, and CALDERA™ and a host of other cybersecurity tools, MITRE arms the worldwide community of cyber defenders.

To offer learnings from its experience, MITRE has published initial details about the incident via the Center for Threat-Informed Defense, found here, and plans to release additional information as the investigation continues and concludes.

Source