Multiple US federal government agencies have fallen victim to a global cyberattack that takes advantage of a vulnerability found in widely used software.
The US Cybersecurity and Infrastructure Security Agency (CISA) is actively assisting the affected federal agencies, specifically those that have encountered intrusions affecting their MOVEit applications.
Eric Goldstein, the executive assistant director for cybersecurity at CISA, stated in a CNN interview that they are working urgently to assess the extent of the impacts and ensure prompt remediation.
it is unclear if hackers linked to a Russian ransomware group behind other targets in the campaign.
Cyberattack denial
Agencies swiftly denied being affected by the Thursday hacking, with faster denials than confirmations. The Transportation Security Administration and the State Department affirmed no targeting in the hack.
Jen Easterly, the Director of CISA, expressed confidence during an MSNBC interview on Thursday, assuring that federal agencies would not experience significant consequences from the hacks due to the defensive enhancements implemented by the government.
The list of victims continues to grow in an extensive hacking campaign that began two weeks ago, targeting prominent US universities and state governments.
The hacking spree increases pressure on federal officials combating ransomware attacks disrupting schools, hospitals, and local governments in the US.
Johns Hopkins University, located in Baltimore, and its esteemed health system announced this week that the hack may have resulted in the theft of “sensitive personal and financial information,” including health billing records.
Simultaneously, Georgia’s statewide university system, which encompasses the University of Georgia with its 40,000 students, along with several other state colleges and universities, confirmed an investigation into the extent and seriousness of the hack.
A Russian-speaking hacking group called CLOP took credit for some of the hacks last week, affecting not only the mentioned universities but also employees of the BBC, British Airways, the oil giant Shell, and state governments in Minnesota and Illinois, among other targets.
Although the Russian hackers were the first to exploit the vulnerability, experts warn that other groups may now possess the software code required to carry out similar attacks.
The CLOP ransomware group represents just one among several gangs operating in Eastern Europe and Russia, with their primary objective being to extract maximum financial gains from their victims.
5