“Several” US federal government agencies were affected in a global cyberattack that exploited a vulnerability in widely used software.
The US Cybersecurity and Infrastructure Security Agency (CISA) “is providing support to several federal agencies that have experienced intrusions affecting their MOVEit applications,” said Eric Goldstein, the agency's Executive Deputy Director of Cybersecurity, in a statement Thursday, referring to the affected software. “We are working urgently to understand the impacts and ensure timely repair of the damage.”
It was not immediately clear whether the cybercriminals responsible for the attacks on federal agencies were a Russian-speaking ransomware group that has claimed responsibility for numerous other attacks in the hacking campaign.
A CISA spokesman declined to comment when asked who carried out the cyberattack against federal agencies and how many were affected.
But the news adds to the growing number of victims of a cyberattack campaign that began two weeks ago and has affected major universities and state governments in the United States. The wave of attacks increases the pressure on federal authorities, who have vowed to make a dent in the ransomware attacks that have affected schools, hospitals, and local governments across the United States.
Baltimore’s Johns Hopkins University and the university’s renowned healthcare system said this week that “sensitive personal and financial information,” including healthcare billing records, may have been stolen in the attack.
For its part, Georgia’s state university system, which includes the University of Georgia, with 40,000 students, and more than a dozen state colleges and universities, confirmed that it was investigating the “scope and severity” of the attack.
A Russian-speaking hacking group known as CLOP claimed responsibility last week for some of the hacks, which have also affected employees of the BBC, British Airways, oil giant Shell, and the state governments of Minnesota and Illinois, among others.
The Russian hackers were the first to exploit the vulnerability, but experts say that other groups may now have access to the software code necessary to carry out the attacks.
The hacking group had given victims until Wednesday to contact them about paying the ransom, after which they began listing more alleged victims of the attack on their extortion site on the dark web. As of Thursday morning, the website did not list any US federal agencies.
The episode shows the wide-ranging impact a single software flaw can have if it is exploited by skilled criminals.
The hackers, a well-known group whose favorite malware emerged in 2019, started exploiting a new flaw in a widely used file transfer platform known as MOVEit in late May, appearing to target as many exposed organizations as they could. The opportunistic nature of the hack left a wide swath of organizations vulnerable to extortion.
Progress, the US company that owns the MOVEit software, has also urged victims to update their software packages and has issued security advice.