- A global cyberattack that Russian hackers allegedly conducted struck several United States government agencies
- The US Cybersecurity and Infrastructure Security Agency was working to provide support to affected agencies
- There were also several hundred companies and organizations in the US that could have been affected by the breach
A global cyberattack allegedly conducted by Russian hackers struck government agencies in the United States, including the Energy Department, exploiting a vulnerability in widely used software.
A top US cybersecurity agency, the US Cybersecurity and Infrastructure Security Agency (CISA) said it supports various federal agencies. These have experienced intrusions that have affected their MOVEit applications.
Global Cyberattack Hits US Government Agencies
The agency's executive assistant director for cybersecurity, Eric Goldstein, released a statement on Thursday, saying that they are now working to understand the impacts of the attacks and ensure timely remediation.
On Thursday, a senior CISA official said that several hundred companies and organizations may have been affected by the hack on top of government agencies. He cited estimates made by private experts, as per CNN.
The ransomware gang that is believed to be behind the cyberattack, Clop, is known to demand multimillion-dollar ransoms. However, no ransom demands have been made in connection to the cyberattacks on federal agencies, said a senior official.
CISA's response to the incident comes as the US firm that makes the software exploited by the criminals, Progress Software, said that it discovered a second vulnerability in the code and was already working on a fix for the issue.
On the other hand, a spokesperson said the Department of Energy was among the agencies affected by the cyberattack. CISA Director Jen Easterly said the hacks had no "significant impacts" on federal civilian agencies. He added that the criminals have been opportunistic in using the software flaw to break inside various networks.
Russian Cybercriminal Group
In separate statements, various global agencies and organizations have revealed that they were also affected by the global cyberattack, including British energy giant Shell, the Johns Hopkins University, the Johns Hopkins Health System, and the University System of Georgia, according to Reuters.
A spokeswoman for Shell, Anna Arata, said that the MOVEit Transfer was used by only a "small number" of employees and customers. She added that there was no evidence of any impact on Shell's core IT systems. Arata noted that there are roughly 50 users of the tool, and they are now investigating the potential data that have been affected.
A senior researcher at the security firm Huntress, John Hammond, said that MOVEit could also be used by financial institutions that need customers to upload their data to apply for a loan. He added that there is much potential for what a criminal can get into if they hacked it.
Clop also said that it would not exploit any data it takes from government agencies, saying there is no need to worry if you are a government, city, or police service. The group said that it simply erased the data that they got access to, said WION News.
Related Article: Federal Grand Jury Indicts Pentagon Leak Suspect Jack Teixeira
