US Department of Energy and other US agencies report cyberattacks
Published 1 year ago
US Department of Energy and other US agencies report cyberattacks
On June 15th, officials announced that The US Department of Energy and several other federal agencies were hit in a global hacking campaign that exploited a vulnerability in widely used file-transfer software.
What Reuters is describing as a global hacking spree, reported that-
“The U.S. Department of Energy and several other federal agencies were hit in a global hacking campaign that exploited a vulnerability in widely used file-transfer software, officials said on Thursday.
Data was "compromised" at two entities within the energy department when hackers gained access through a security flaw in MOVEit Transfer, the department said in a statement.
A DOE official said those entities were the DOE contractor Oak Ridge Associated Universities, and the Waste Isolation Pilot Plant - the New Mexico-based facility for disposal of defense-related nuclear waste.”
Britain and other countries also attacked
British energy giant Shell (SHEL.L), the University System of Georgia, the Johns Hopkins University and the Johns Hopkins Health System were also hit, all three groups said in separate statements. The latter is a nonprofit that collaborates with the university and runs six hospitals and primary care centers.
These new victims add to a growing list of entities in the U.S., Britain and other countries whose systems were infiltrated through the MOVEit Transfer software. The hackers took advantage of a security flaw that its maker, Progress Software (PRGS.O), discovered late last month.
MORE ABOUT THE PERPETRATORS
Aside from US government agencies, other companies and organizations in the US could be affected by the hacking spree, a senior CISA official told reporters, citing estimates from private experts.
CNN reported that- Clop, the ransomware gang allegedly responsible, is known to demand multimillion-dollar ransoms. But no ransom demands have been made of federal agencies, the senior official told reporters in a background briefing.
CISA’s response comes as Progress Software, the US firm that makes the software exploited by the hackers, said it had discovered a second vulnerability in the code that the company was working to fix.
Russian-speaking cyber gang claims credit for hack of BBC and British Airways employee data.
The hacks have not had any “significant impacts” on federal civilian agencies, CISA Director Jen Easterly told reporters, adding that the hackers have been “largely opportunistic” in using the software flaw to break into networks.
The news adds to a growing tally of victims of a sprawling hacking campaign that began two weeks ago and has hit major US universities and state governments. The hacking spree mounts pressure on federal officials who have pledged to put a dent in the scourge of ransomware attacks that have hobbled schools, hospitals and local governments across the US.
E-Panzer wants you to stay informed
For the experts at e-Panzer it is essential that our clients are kept up to date on the cyber criminal activities that might affect our country and organizations. We want our clients to be prepared for and educated about the major cyberattacks in the US and abroad. Contact us now to learn more and please send us your feedback or comments. Communication is key in protecting us all against cyber crime.
