Several U.S. federal government agencies have been hit in a global hacking campaign that reportedly exploited a vulnerability in widely used software, just 24 hours after hacker groups threatened to destroy European banks.
Eric Goldstein, the executive assistant director of the U.S. Cybersecurity and Infrastructure Security Agency (CISA), reported that “several federal agencies” experienced “intrusions” after a weakness was discovered in the file transfer software MOVEit.
“We are working urgently to understand impacts and ensure timely remediation,” said Goldstein.
Director of the CISA Jen Easterly told MSNBC that they are not expecting these cyberattacks to have a “significant impact” on U.S. government agencies.
“You know, these vulnerabilities are pretty common in software, and our job is to work with businesses to ensure they have the resources and tools to mitigate that risk,” Easterly said.
“It’s a software that federal agencies and companies around the world use. We put out an advisory about this last week. And we’re responding to it,” continued Easterly. “Right now we’re focused specifically on those federal agencies that may be impacted and we’re working hand in hand with them to be able to mitigate that risk. We understand that there are businesses, though, around the world. It’s another ransomware actor known as Clop Ransomware, and they’re basically taking data and looking to extort it.”
The CISA director did not specify which government agencies have been hit by the attack.
A Russian-speaking ransomware group known as ‘Clop’ has claimed responsibility for the MOVEit breach, which also impacted employees of the BBC, British Airways, Shell, and others. However, it is not clear if they are responsible for breaching the U.S. federal agencies.
In a statement on the online extortion group’s website, they insisted they would not exploit any data obtained from government agencies. They said, “If you are a government, city or police service do not worry, we erased all your data.”
On Thursday, a spokesperson for MOVEit said that the software is “engaged with federal law enforcement and other agencies” and is “committed to playing a leading and collaborative role in the industry-wide effort to combat increasingly sophisticated and persistent cybercriminals.”
One day prior to this attack, three pro-Russian hacker groups – KillNet, Anonymous Sudan, and REvil – announced their plan to work together to take down the entire European banking system in what they called “the most powerful cyber attack in the recent history of the world.”
I don't get into propaganda.
However, this was released by Revil, the synonymous hacker to solicit help from a hacker group called Killnet to target European banks.
Then today, the US federal agencies were hit with a massive cyber attack.
It's not a coincidence.
Here is… pic.twitter.com/KaLXT4KezY
— WayneTech SPFX®️ (@WayneTechSPFX) June 15, 2023
Less than one month ago, Microsoft also reported that a state-sponsored Chinese hacking group called ‘Volt Typhoon’ had been caught spying on critical U.S. cyber infrastructure organizations.