The US government has confirmed that several federal institutions have been the target of cyberattacks that took advantage of a flaw in a widely used file transfer tool's security.
The Cybersecurity and Infrastructure Security Agency (CISA) confirmed that several agencies had experienced attacks due to exploiting a flaw in Progress Software's business file transfer application, MOVEit Transfer.
The Clop ransomware gang, which has ties to Russia and has started naming the companies it claims to have compromised using the MOVEit vulnerability, is responsible for these assaults, according to CISA.
The Department of Energy (DoE) revealed that two of its institutions were affected, while the number of impacted agencies is unknown, according to TechCrunch.
The energy department said it "took immediate steps to prevent further exposure to the vulnerability" after learning of the breach and informing CISA. The DoE has also started working with law enforcement, CISA, and the impacted organizations to investigate the occurrence and lessen its effects.
According to Jen Easterly, head of CISA, the MOVEit hack was mainly opportunistic, did not specifically target high-value data, and was not as harmful as earlier assaults on US government institutions, The New York Times reported.
The official reassured reporters that this recent cyberattack does not represent a systemic danger, unlike the SolarWinds hack, which affected multiple intelligence agencies in 2020.
Clop's Massive Operation
CISA and FBI investigators' evaluations indicate that the cyberattack is a component of a more extensive ransomware campaign run by the Russian Clop gang. The group's MOVEit software attack targeted enterprises, colleges, and municipal governments, according to a CNN report. A slew of attacks that have affected companies, including the BBC, British Airways, Shell, and Minnesota and Illinois state governments, have lately been blamed on Clop.
Although Russian hackers initially used the MOVEit vulnerability, researchers caution that other organizations may now access the necessary software code to carry out identical online assaults.
The Clop ransomware group is one of the numerous criminal groups operating in Eastern Europe and Russia dedicated to using ransomware scams to extort large amounts of money from their victims.
Related Article: Meta Faces Backlash After Failing to Curb Fraud on Its Platforms