Russian Hackers Infiltrate US Agencies, Says Cybersecurity Agency
A group of hackers from Russia has successfully infiltrated multiple agencies of the United States Government, according to an announcement made by the Cybersecurity and Infrastructure Security Agency (CISA) on Thursday.
The cyberattack has been attributed to the “CL0P” group, also known as “TA505”, which operates from Russia, revealed a senior US government official in a press statement.
While there is currently no evidence suggesting that the hackers acted in coordination with the Russian government, it is an alarming breach of security.
In a telephone press conference, CISA Director Jen Easterly assured that the attack will not have a significant impact on the activities of the US government, stating that it is a campaign of small-scale cyberattacks.
It should be noted that this incident is unrelated to the large-scale cyberattack carried out by Russian agents in 2019, which targeted around 18,000 government agencies and big companies by exploiting vulnerabilities in the SolarWinds platform, Easterly added.
The hackers in this case exploited a vulnerability in a software called “MOVEit,” which is widely used by the federal government for file encryption and data transfer.
According to the disclosed information, the attackers used this vulnerability to infect computers with malicious programs, steal data, and then demand a ransom from the victims.
The developer of the vulnerable software, Ipswitch, published a statement on June 5 acknowledging the discovered vulnerability in “MOVEit” and initiated an investigation. They have also been collaborating with their customers to mitigate any potential damage.
Two days later, on June 7, CISA itself released a report urging government agencies to exercise caution and identified the “CL0P” group as the perpetrator.
This recent attack adds to the wave of cyberattacks that have targeted universities, hospitals, and local governments across the United States in recent weeks.
Among the victims is Johns Hopkins University and its affiliated health centers in Baltimore, which experienced a cyberattack on May 31 resulting in the theft of personal information, ranging from patient names to bank details, as reported by the institution on Wednesday.
The state university system in Georgia, including the University of Georgia, with around 40,000 students, and several other higher education institutions, also announced that they were targeted in a cyberattack and are currently assessing the extent and severity of the breach.
The state governments of Illinois and Minnesota have also fallen victim to cyberattacks at the end of May, as recently revealed.
(With information from EFE)
Keep reading: