The US Department of Energy is being targeted by hackers demanding a ransom.

Data was compromised at the two organizations after hackers breached the systems through a security vulnerability in the MOVEit Transfer file transfer tool. This software is widely used by organizations worldwide to share sensitive data.

From US government agencies to UK telecommunications and energy giant Shell, a host of victims have emerged since Massachusetts-based Progress Software discovered a security vulnerability in MOVEit Transfer last month.

Its widespread impact demonstrates how even the most security-conscious government agencies are struggling to combat ransomware attacks. Ransomware groups often target such widely used tools.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said Thursday that several federal agencies had been targeted by hackers. They did not specify which agencies, but added that there was little impact on federal civil enforcement. Analysts said more victims are likely to emerge in the coming weeks.

A spokesperson for the U.S. Department of Energy said the ransom demands were sent via email to individual facilities, but did not disclose the amount requested. The spokesperson stated, “The two entities that received them did not interact with Cl0p, and there is no indication that the ransom demands have been withdrawn.”

The Cl0p group stated in a post on its website, which included the content "WE DO NOT HAVE ANY GOVERNMENT DATA" and if we accidentally obtain it, "WE WILL STILL HANDLE IT POLITELY AND DELETE IT ALL".

Recorded Future analyst Allan Liska said Cl0p may have caused a major incident by deliberately deleting government data to protect itself from retaliation from the US and other governments.

Hoang Anh (according to Reuters)