Jump to content
  • Exclusive: US government agencies hit in global cyberattack

    aum

    • 518 views
    • 4 minutes
     Share


    • 518 views
    • 4 minutes

    (CNN) -  “Several” US federal government agencies have been hit in a global cyberattack that exploits a vulnerability in widely used software.

    The US Cybersecurity and Infrastructure Security Agency “is providing support to several federal agencies that have experienced intrusions affecting their MOVEit applications,” Eric Goldstein, the agency’s executive assistant director for cybersecurity, said in a statement on Thursday to CNN, referring to the software impacted. “We are working urgently to understand impacts and ensure timely remediation.”

     

    It was not immediately clear if the hackers responsible for breaching the federal agencies were a Russian-speaking ransomware group that has claimed credit for numerous other victims in the hacking campaign.

     

    A CISA spokesperson had no comment when CNN asked who carried out the hack of federal agencies and how many have been affected.

     

     Agencies were much quicker Thursday to deny they’d been affected by the hacking than to confirm they were. The Transportation Security Administration and the State Department said they were not victims of the hack.

     

    CISA Director Jen Easterly told MSNBC on Thursday that she was “confident” that there will not be “significant impacts” to federal agencies from the hacks because of the government’s defensive improvements.

     

    But the news adds to a growing tally of victims of a sprawling hacking campaign that began two weeks ago and has hit major US universities and state governments. The hacking spree mounts pressure on federal officials who have pledged to put a dent in the scourge of ransomware attacks that have hobbled schools, hospitals and local governments across the US.

     

    Johns Hopkins University in Baltimore and the university’s renowned health system said in a statement this week that “sensitive personal and financial information,” including health billing records may have been stolen in the hack.

     

    Meanwhile, Georgia’s state-wide university system – which spans the 40,000-student University of Georgia along with over a dozen other state colleges and universities – confirmed it was investigating the “scope and severity” of the hack.

     

    A Russian-speaking hacking group known as CLOP last week claimed credit for some of the hacks, which have also affected employees of the BBC, British Airways, oil giant Shell, and state governments in Minnesota and Illinois, among others.

     

    The Russian hackers were the first to exploit the vulnerability, but experts say other groups may now have access to software code needed to conduct attacks.

     

    The ransomware group had given victims until Wednesday to contact them about paying a ransom, after which they began listing more alleged victims from the hack on their extortion site on the dark web. As of Thursday morning, the dark website did not list any US federal agencies.

     

    Instead, the hackers wrote in all caps, “If you are a government, city or police service do not worry, we erased all your data. You do not need to contact us. We have no interest to expose such information.”

     

    The CLOP ransomware group is one of numerous gangs in Eastern Europe and Russia that are almost exclusively focused on wringing their victims for as much money as possible.

     

    “The activity we’re seeing at the moment, adding company names to their leak site, is a tactic to scare victims, both listed and unlisted, into paying,” Rafe Pilling, director of threat research at Dell-owned Secureworks, told CNN.

     

    The new hacking campaign shows the widespread impact that a single software flaw can have if exploited by skilled criminals.

     

    The hackers – a well-known group whose favored malware emerged in 2019 – in late May began exploiting a new flaw in a widely used file-transfer software known as MOVEit, appearing to target as many exposed organizations as they could. The opportunistic nature of the hack left a broad swath of organizations vulnerable to extortion.

     

    Progress, the US firm that owns the MOVEit software, has also urged victims to update their software packages and has issued security advice.

     

    Source

    • Like 2

    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...