Data was "compromised" at the two organizations after hackers breached systems through a security flaw in the MOVEit Transfer file transfer tool, which is widely used by organizations around the world to share sensitive data.
Photo: GI
From US government agencies to telecoms regulators and UK energy giant Shell, a string of victims have emerged since Massachusetts-based Progress Software discovered a security flaw in MOVEit Transfer last month.
Its wide-ranging impact shows how even the most security-conscious government agencies struggle to fend off ransomware attacks, which ransomware gangs often hunt for widely used tools like these.
The US Cybersecurity and Infrastructure Security Agency (CISA) said on Thursday that several federal agencies had been hacked. It did not specify which units, but added that there had been little impact on the federal civilian executive branch. Analysts said more victims were likely to emerge in the coming weeks.
A Department of Energy spokesman said the ransom demands were sent via email to each facility, but did not disclose the amount requested. “The two entities that received them did not interact with Cl0p and there is no indication that the ransom demands were withdrawn,” the spokesman said.
The Cl0p team stated in a post on its website, which read “WE DO NOT HAVE ANY GOVERNMENT DATA” and if we accidentally obtained it, “WE WILL STILL POLITELY DEAL WITH IT AND DELETE IT ALL.”
Recorded Future analyst Allan Liska said Cl0p may have made a big deal out of it by deliberately deleting government data to protect itself from retaliation from the US and other governments.
Hoang Anh (according to Reuters)
Source
Comment (0)