Thursday, October 3, 2024
HomeCyber AttackUS Government Agencies Hit By Clop In MOVEit Global Cyberattack

US Government Agencies Hit By Clop In MOVEit Global Cyberattack

Published on

A global cyberattack targeting numerous US federal government institutions has been launched as a result of the recent revelation of vulnerabilities in the MOVEit Transfer and MOVEit Cloud platforms.

According to reports, the claimed responsible ransomware group, Clop, is known to seek multimillion-dollar ransoms. However, no demands for ransom had been made by federal agencies.

The US Cybersecurity and Infrastructure Security Agency is offering assistance to many government agencies whose MOVEit apps have been the target of breaches.

- Advertisement - EHA

Insights of the Clop In MOVEit Global CyberAttack

The attacks had not had any “significant impacts” on federal civilian agencies; the hackers have been “largely opportunistic” in utilizing the software hole to access networks.

The disclosure increases the number of victims of a massive cyber attack that started two weeks ago and has affected state governments and major US colleges. 

The cyber campaign puts more pressure on federal officials who have promised to stop the plague of ransomware assaults that have crippled local governments, hospitals, and schools throughout the US.

According to a report shared by CNN, the Department of Energy is one of the federal agencies that have been hacked.

When the Department of Energy discovered that documents from two department entities had been stolen, it took immediate steps to reduce the consequences of the breach.

Oak Ridge Associated Universities, a non-profit research center, is one of the Department of Energy’s victims. The other victim is a contractor with the department’s Waste Isolation Pilot Plant in New Mexico, which disposes of atomic energy.

The State Department and the Transportation Security Administration claimed they were not hacked.

Progress Software, the company that provides the software, confirmed the discovery of a new vulnerability in the software that a bad actor might exploit.

“We have communicated with customers on the steps they need to take to further secure their environments and we have also taken MOVEit Cloud offline as we urgently work to patch the issue,” the company said.

Johns Hopkins University in Baltimore and the university’s renowned health system said that “sensitive personal and financial information,” including health billing records, may have been stolen in the hack.

Meanwhile, Georgia’s state university system, which includes the 40,000-student University of Georgia as well as more than a dozen other state schools and institutions, acknowledged it was looking into the scope and severity of the attack.

CLOP claimed responsibility for part of the breaches last week, which also impacted workers of the BBC, British Airways, the oil company Shell, and state governments in Minnesota and Illinois, among others.

Although Russian hackers were the first to exploit the MOVEit vulnerability, analysts believe that other parties may now have access to the software code required to carry out assaults.

The ransomware group had given victims until Wednesday to contact them about paying the ransom, after which they began listing more purported victims of the breach on their dark web extortion site.

The dark website did not mention any US federal agencies as of Thursday morning. 

Instead, the hackers stated in all caps, “If you are a government, city, or police service do not worry, we erased all your data. You do not need to contact us. We have no interest to expose such information.”

Hence, the identification of these flaws and subsequent intrusions serves as a sobering reminder of the continuous risks to cybersecurity and the necessity for continued attention and preventative actions to defend against possible attacks.

CISA recommends that all affected users and organizations study the MOVEit Transfer advice, implement the suggested countermeasures, and update as soon as patches become available.

Looking For an All-in-One Multi-OS Patch Management Platform – 

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Northern Ireland Police to Pay £750,000 Fine Following Data Breach

The Police Service of Northern Ireland (PSNI) has been ordered to pay a £750,000...

ANY.RUN Upgrades Threat Intelligence to Identify Emerging Threats

ANY.RUN announced an upgrade to its Threat Intelligence Portal, enhancing its capabilities to identify...

Cisco Nexus Vulnerability Let Hackers Execute Arbitrary Commands on Vulnerable Systems

A critical vulnerability has been discovered in Cisco's Nexus Dashboard Fabric Controller (NDFC), potentially...

Hackers Now Exploit Ivanti Endpoint Manager Vulnerability to Launch Cyber Attacks

The Cybersecurity and Infrastructure Security Agency (CISA) has announced the addition of a new...

Free Webinar

Decoding Compliance | What CISOs Need to Know

Non-compliance can result in substantial financial penalties, with average fines reaching up to $4.5 million for GDPR breaches alone.

Join us for an insightful panel discussion with Chandan Pani, CISO - LTIMindtree and Ashish Tandon, Founder & CEO – Indusface, as we explore the multifaceted role of compliance in securing modern enterprises.

Discussion points

The Role of Compliance
The Alphabet Soup of Compliance
Compliance
SaaS and Compliance
Indusface's Approach to Compliance

More like this

Northern Ireland Police to Pay £750,000 Fine Following Data Breach

The Police Service of Northern Ireland (PSNI) has been ordered to pay a £750,000...

Cisco Nexus Vulnerability Let Hackers Execute Arbitrary Commands on Vulnerable Systems

A critical vulnerability has been discovered in Cisco's Nexus Dashboard Fabric Controller (NDFC), potentially...

Hackers Now Exploit Ivanti Endpoint Manager Vulnerability to Launch Cyber Attacks

The Cybersecurity and Infrastructure Security Agency (CISA) has announced the addition of a new...