![]() ![]() One of the Department of Energy victims is Oak Ridge Associated Universities, a not-for-profit research center, a department spokesperson told CNN. “The Department has notified Congress and is working with law enforcement, CISA, and the affected entities to investigate the incident and mitigate impacts from the breach,” the spokesperson said in a statement. ![]() The Department of Energy “took immediate steps” to mitigate the impact of the hack after learning that records from two department “entities” had been compromised, the department spokesperson said. The Transportation Security Administration and the State Department said they were not victims of the hack. “We have communicated with customers on the steps they need to take to further secure their environments and we have also taken MOVEit Cloud offline as we urgently work to patch the issue,” the company said in a statement.Īgencies were much quicker Thursday to deny they’d been affected by the hacking than to confirm they were. Progress Software, the US firm that makes the software, told CNN Thursday that a new vulnerability in the software had been discovered “that could be exploited by a bad actor.” Since late last month, the hackers have been exploiting a flaw in widely used software known as MOVEit that companies and agencies use to transfer data. The hacking spree mounts pressure on federal officials who have pledged to put a dent in the scourge of ransomware attacks that have hobbled schools, hospitals and local governments across the US. The news adds to a growing tally of victims of a sprawling hacking campaign that began two weeks ago and has hit major US universities and state governments. The hacks have not had any “significant impacts” on federal civilian agencies, CISA Director Jen Easterly told reporters, adding that the hackers have been “largely opportunistic” in using the software flaw to break into networks. Russian-speaking cyber gang claims credit for hack of BBC and British Airways employee data Headquarters of the British Broadcasting Corporation (BBC) are pictured in London on March 11, 2023. The Department of Energy is among multiple federal agencies breached in the ongoing global hacking campaign, a department spokesperson confirmed to CNN. But no ransom demands have been made of federal agencies, the senior official told reporters in a background briefing.ĬISA’s response comes as Progress Software, the US firm that makes the software exploited by the hackers, said it had discovered a second vulnerability in the code that the company was working to fix. “We are working urgently to understand impacts and ensure timely remediation.”Īside from US government agencies, “several hundred” companies and organizations in the US could be affected by the hacking spree, a senior CISA official told reporters later Thursday, citing estimates from private experts.Ĭlop, the ransomware gang allegedly responsible, is known to demand multimillion-dollar ransoms. The US Cybersecurity and Infrastructure Security Agency “is providing support to several federal agencies that have experienced intrusions affecting their MOVEit applications,” Eric Goldstein, the agency’s executive assistant director for cybersecurity, said in a statement on Thursday to CNN, referring to the software impacted. Several US federal government agencies have been hit in a global cyberattack by Russian cybercriminals that exploits a vulnerability in widely used software, according to a top US cybersecurity agency.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |