According to a leading US cybersecurity group, several US federal government institutions have been the target of a global cyberattack by Russian cybercriminals that takes advantage of a flaw in widely used software.
The US Cybersecurity and Infrastructure Security Agency “is providing support to several federal agencies that have experienced intrusions affecting their MOVEit applications,” Eric Goldstein, the agency’s executive assistant director for cybersecurity, said about global cyberattack in a statement to CNN on Thursday. “We are working quickly to comprehend the effects and guarantee prompt remediation.”
Multimillion Dollar Ransoms in Demand
A senior CISA officer informed reporters later on Thursday, citing estimates from private specialists, that “several hundred” businesses and organizations in the US may also be impacted by the hacking campaign in addition to US government institutions.The claimed responsible ransomware gang, Clop, is known to demand multimillion dollar ransoms. However, the senior official informed reporters at a background briefing that no demands for ransom have been made of federal agencies.
The US business Progress Software, which created the software used by the hackers, said it had found a second weakness in the system and was trying to remedy it when CISA responded. A department spokeswoman confirmed to CNN that the Department of Energy is one of the federal organizations that have been compromised in the ongoing global cyberattack.
Global cyberattack hits U.S. government
No Significant Impact on Federal Agencies
According to CISA Director Jen Easterly, who told reporters that the intrusions had not had any “significant impacts” on federal civilian agencies, the hackers have been “largely opportunistic” in utilising the software hole to access networks. The disclosure increases the number of victims of a massive global cyberattack that started two weeks ago and has affected state governments and major US colleges. The cyber binge puts more pressure on federal officials who have promised to do something about the ransomware plague that has crippled local governments, hospitals, and schools across the US.
Since the end of last month, hackers have been taking advantage of a vulnerability in MOVEit, a popular data transfer programme used by businesses and government organisations. The software’s maker, Progress Software, said CNN on Thursday that a fresh vulnerability had been found in the programme “that could be exploited by a bad actor.”The firm released a statement saying, “We have spoken with customers about the actions they need to take to further secure their environments and we have also taken MOVEit Cloud offline as we urgently work to patch the issue.”
