Several US government agencies targeted in cyberattack
A number of US government agencies were targeted in a cyberattack, according to the US Cybersecurity and Infrastructure Security Agency.
The agency released a statement on Thursday following the attack, saying it is “providing support to several federal agencies that have experienced intrusions.”
It is currently unclear who carried out the attack. Officials are investigating whether or not the attack is connected to a series of other hacking incursions that have been reported over the last two weeks.
The attack may be tied to a group of Russian hackers who have claimed responsibility for several recent cyberattacks.
CISA would not provide a comment outlining the number of agencies impacted by the hack or the severity of the breaches, according to CNN.
The sprawling hacking campaign reportedly began in earnest approximately two weeks ago, targeting universities and state government agencies.
Johns Hopkins University in Baltimore reported that its “sensitive personal and financial information” _ which includes health billing records — may have been compromised. State agencies in Missouri, Minnesota and Illinois were also impacted.
The attackers did not solely focus on the US; the BBC, British Airways, and the Shell oil company also reported hacks within the last two weeks.
The group claiming credit for the attack calls itself CLOP, and used ransomware attacks to effectively rob its targets.
CLOP posted the names of its alleged victims on their dark web site, though as of Thursday the site did not list any US federal agencies.
The attacks exploit a security flaw in a common file transfer program called MOVEIt.