According to the US Cybersecurity and Infrastructure Security Agency (CISA), the US government has been targeted in a global hacking campaign that exploited a vulnerability in widely used software. However, CISA stated that the cyber attack has not had a significant impact. The intrusions occurred after a weakness in the file transfer software MOVEit was discovered. CISA is currently working to understand the extent of the impacts and provide timely remediation. Although the agencies affected were not identified, CISA is offering support to federal agencies dealing with the intrusions related to their MOVEit applications.
In addition to federal agencies, other organizations such as Johns Hopkins University and Georgia’s state-wide university system have reported being affected by the hack. Sensitive personal and financial information may have been stolen in the case of Johns Hopkins University. It is believed that the ransomware gang Clop, responsible for exploiting a critical security vulnerability in a corporate file transfer tool, may have been using the MOVEit vulnerability since 2021. The Russian-speaking hacking group has claimed credit for recent hacks targeting employees of BBC, British Airways, Shell, and state governments in Minnesota and Illinois.
While Clop has stated that they will not exploit data taken from government agencies, concerns remain as other groups may now have access to the software code necessary to carry out similar attacks. CISA Director Jen Easterly expressed confidence that federal agencies will not experience significant impacts due to the government’s defensive improvements. However, the investigation and assessment of the hack’s scope and severity are still ongoing.
