Fri 16 June 2023:
Multiple US government websites were compromised during a global ransomware attack, according to a report published Thursday.
The worldwide hack exploited a vulnerability in commonly used software the US Cybersecurity and Infrastructure Security Agency’s (CISA) acting chief told CNN that the agency is “providing support to several federal agencies that have experienced intrusions affecting their MOVEit applications.”
“We are working urgently to understand impacts and ensure timely remediation,” he added.
MOVEit is the software that was reportedly targeted. It is used to encrypt and transfer sensitive files.
CISA did not immediately respond to a request for comment.
The culprit behind the attack has not been publicly identified, and CNN reported that it is not clear if it is the same Russian-speaking CLOP group that claimed credit for other attacks.
CLOP claimed responsibility for attacks that targeted employees of the Shell oil company, the BBC, British Airways, German manufacturer Heidelberg, investment management firm Putnam Investments, the Illinois and Minnesota state governments and many others.
CLOP gave victims until Wednesday to pay a ransom or have their personal data leaked on to the darkweb.
MOVEit is a widely used software, and the full scope of the hack has yet to fully come in to focus. Maker Progress has urged users to update their software and offered security advice, according to CNN.
Experts told CNN that even though CLOP was behind the first wave of attacks using MOVEit vulnerabilities, other groups and individuals may have followed suit.
SOURCE: INDEPENDENT PRESS AND NEWS AGENCIES
______________________________________________________________
FOLLOW INDEPENDENT PRESS:
TWITTER (CLICK HERE)
https://twitter.com/IpIndependent
FACEBOOK (CLICK HERE)
https://web.facebook.com/ipindependent
Think your friends would be interested? Share this story!
