Russian hackers allegedly breach US government agencies in cyberattack


Multiple U.S. federal government agencies were hit in a global cyberattack allegedly carried out by the Russian ransomware gang known as Clop. The attack exploited a vulnerability in a file-sharing program popular among corporations and governments called MOVEit, per Homeland Security officials.
The US Cybersecurity and Infrastructure Security Agency is working to support the federal agencies that "experienced intrusions affecting their MOVEit applications," Eric Goldstein, the agency's executive assistant director for cybersecurity, told CNN on Thursday. "We are working urgently to understand impacts and ensure timely remediation."
While all the affected agencies have not been identified, a Department of Energy representative confirmed with CNN that the agency was among the targets. In addition to the U.S. government agencies, "several hundred" U.S. companies and organizations could have been swept up in the hacking spree, a senior CISA official estimated. In the past, Clop, the Russian ransomware gang allegedly behind the cyberattacks, has asked for multimillion-dollar ransoms. Still, the senior official added that the hackers made no demands in this case.
Subscribe to The Week
Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.

Sign up for The Week's Free Newsletters
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
The cyberattacks did not have any "significant impacts" on the federal agencies, CISA Director Jen Easterly said in a statement to the press, noting that the hackers were "largely opportunistic" in exploiting the software flaw to access networks.
Progress Software, the US creator of the MOVEit software, recently discovered another vulnerable point in the software. Over the past few weeks, the hackers have taken advantage of a previously identified flaw in the widely-used software to access the data they transferred. The firm behind the software told CNN they'd discovered a new vulnerability "that could be exploited by a bad actor."
"We have communicated with customers on the steps they need to take to further secure their environments, and we have also taken MOVEit Cloud offline as we urgently work to patch the issue," the company said in a statement.
Sign up for Today's Best Articles in your inbox
A free daily email with the biggest news stories of the day – and the best features from TheWeek.com
Theara Coleman has worked as a staff writer at The Week since September 2022. She frequently writes about technology, education, literature and general news. She was previously a contributing writer and assistant editor at Honeysuckle Magazine, where she covered racial politics and cannabis industry news.
-
Holy mate-trimony: the rise of 'friendship marriages'
Under the Radar Young people in China, Japan and the US are saying 'I do' to platonic unions, to alleviate social pressure or loneliness and access financial benefits
-
Deportations ensnare migrant families, U.S. citizens
Feature Trump's deportation crackdown is sweeping up more than just immigrants as ICE targets citizens, judges and nursing mothers
-
Trump shrugs off warnings over trade war costs
Feature Trump's tariffs are spiraling the U.S. toward an economic crisis as shipments slow down—and China doesn't plan to back down
-
Amazon launches 1st Kuiper internet satellites
Speed Read The battle of billionaires continues in space
-
Test flight of orbital rocket from Europe explodes
Speed Read Isar Aerospace conducted the first test flight of the Spectrum orbital rocket, which crashed after takeoff
-
Apple pledges $500B in US spending over 4 years
Speed Read This is a win for Trump, who has pushed to move manufacturing back to the US
-
Microsoft unveils quantum computing breakthrough
Speed Read Researchers say this advance could lead to faster and more powerful computers
-
TikTok's fate uncertain as weekend deadline looms
Speed Read The popular app is set to be banned in the U.S. starting Sunday
-
Appeals court kills FCC net neutrality rule
Speed Read A U.S. appeals court blocked Biden's effort to restore net-neutrality rules
-
Judge rejects Elon Musk's $56B pay package again
Speed Read Judge Kathaleen McCormick upheld her rejection of the Tesla CEO's unprecedented compensation deal
-
DOJ seeks breakup of Google, Chrome
Speed Read The Justice Department aims to force Google to sell off Chrome and make other changes to rectify its illegal search monopoly