Several US federal government agencies, along with numerous companies and organizations, have fallen victim to a global cyberattack orchestrated by Russian cybercriminals. The attack exploits a vulnerability found in widely used software, according to the US Cybersecurity and Infrastructure Security Agency (CISA).
The impacted software, known as MOVEit, has prompted CISA to provide support to affected federal agencies in their efforts to address the intrusions. The agency is urgently working to understand the extent of the cyberattack, said Eric Goldstein, CISA’s executive assistant director for cybersecurity.
Cyberattack on Federal Agencies
Estimates from private experts suggest that several hundred US companies and organizations could be affected by the hacking spree in addition to the federal agencies. The ransomware gang responsible for the cyberattack, known as Clop, has a history of demanding multimillion-dollar ransoms. However, no ransom demands have been made to federal agencies thus far, according to a senior CISA official.
- Deadly Tornadoes Sweep Through Texas, Florida
- Manhattan Grand Jury Indicts Daniel Penny
- Saudi Crown Prince’s Visit to France
The situation has escalated as Progress Software, the US firm responsible for the software exploited by the hackers, revealed the discovery of a second vulnerability in the code that the company is actively working to fix.
The Department of Energy has confirmed that it is among the multiple federal agencies breached in this ongoing global hacking campaign. CISA Director Jen Easterly assured reporters that the hacks have not had any significant impacts on federal civilian agencies. She noted that the hackers have primarily capitalized on the software flaw opportunistically to gain unauthorized access to networks.
The recent attacks add to a growing list of victims affected by the sprawling hacking campaign that commenced two weeks ago. Major US universities and state governments have also been targeted, intensifying the pressure on federal officials who have pledged to combat the menace of ransomware attacks that have crippled various sectors across the country.