Multiple U.S. federal government agencies were hit in a global cyberattack allegedly carried out by the Russian ransomware gang known as Clop. The attack exploited a vulnerability in a file-sharing program popular among corporations and governments called MOVEit, per Homeland Security officials.
The US Cybersecurity and Infrastructure Security Agency is working to support the federal agencies that "experienced intrusions affecting their MOVEit applications," Eric Goldstein, the agency's executive assistant director for cybersecurity, told CNN on Thursday. "We are working urgently to understand impacts and ensure timely remediation."
The Week
Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.
Sign up for The Week's Free Newsletters
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
The cyberattacks did not have any "significant impacts" on the federal agencies, CISA Director Jen Easterly said in a statement to the press, noting that the hackers were "largely opportunistic" in exploiting the software flaw to access networks.
Progress Software, the US creator of the MOVEit software, recently discovered another vulnerable point in the software. Over the past few weeks, the hackers have taken advantage of a previously identified flaw in the widely-used software to access the data they transferred. The firm behind the software told CNN they'd discovered a new vulnerability "that could be exploited by a bad actor."
"We have communicated with customers on the steps they need to take to further secure their environments, and we have also taken MOVEit Cloud offline as we urgently work to patch the issue," the company said in a statement.
-
Why Britain is struggling to stop the ransomware cyberattacksThe Explainer New business models have greatly lowered barriers to entry for criminal hackers
-
Who are the new-wave hackers bringing the world to a halt?The Explainer Individual groups and nations are beginning to form concerning partnerships with new ways to commit cybercrime
-
Jaguar Land Rover’s cyber bailoutTalking Point Should the government do more to protect business from the ‘cyber shockwave’?
-
Google avoids the worst in antitrust rulingSpeed Read A federal judge rejected the government's request to break up Google
-
Supreme Court allows social media age check lawSpeed Read The court refused to intervene in a decision that affirmed a Mississippi law requiring social media users to verify their ages
-
Nvidia hits $4 trillion milestoneSpeed Read The success of the chipmaker has been buoyed by demand for artificial intelligence
-
X CEO Yaccarino quits after two yearsSpeed Read Elon Musk hired Linda Yaccarino to run X in 2023
-
Musk chatbot Grok praises Hitler on XSpeed Read Grok made antisemitic comments and referred to itself as 'MechaHitler'
