Several US government agencies have been hit in a global hacking campaign that exploited a vulnerability in a widely used software, the United States cyber-watchdog agency said Thursday.
The US Cybersecurity and Infrastructure Security Agency (CISA) said several federal agencies had experienced intrusions following the discovery of a weakness in the file transfer software MOVEit, Eric Goldstein, the agency’s executive assistant director for cybersecurity, said in a statement.
Keep readinglist of 4 items
“We are working urgently to understand impacts and ensure timely remediation,” he said.
CISA did not immediately return emails from the Reuters news agency seeking further comment. The FBI and US National Security Agency also did not immediately return emails seeking details on the breaches.
The United States does not expect any “significant impact” from a cyberattack that hit its government agencies, Jen Easterly, the director of the US Cybersecurity and Infrastructure Security Agency, told MSNBC.
The agency was working to fully figure out the attack’s impact and coordinating with other agencies to ensure remediation, Easterly said.
“Right now, we’re focused quickly on those federal agencies that may be impacted and we’re working hand in hand with them to be able to mitigate that risk,” she said.
MOVEit, made by Progress Software Corp, is typically used by organisations to transfer files between their partners or customers.
It could be used by a financial institution that requires their customers to upload their data to apply for a loan, John Hammond, a senior researcher at the security firm Huntress, said earlier this month.
“There’s a whole lot of potential for what an adversary might be able to get into,” he said.
The online extortion group Cl0p, which has claimed credit for the MOVEit hack, has previously said it would not exploit any data taken from government agencies.
“IF YOU ARE A GOVERNMENT, CITY OR POLICE SERVICE DO NOT WORRY, WE ERASED ALL YOUR DATA,” the group said in a statement on its website.
Neither Cl0p nor Progress immediately responded to requests for comment from Reuters.
Earlier this month, US and British cybersecurity officials warned that a Russian cyber-extortion gang had hacked MOVEit and that would have a global impact as the file-transfer program was popular with businesses. Zellis, a leading payroll services provider in the UK that serves British Airways, the BBC and hundreds of others, was among the affected users. UK chemist chain Boots was also affected.
Last month, Microsoft accused Chinese state-sponsored hackers of carrying out attacks against critical infrastructure in the United States.