CNN revealed, on Thursday, that several government agencies in the United States were exposed to a cyberattack, through a widely used software vulnerability.
US Cybersecurity and Infrastructure Security Agency official Eric Goldstein said the agency “provides support to many compromised federal agencies” by targeting vulnerable software.
And he continued, in a statement to “CNN”, that work is underway and urgently to absorb the impact of the breach and ensure that it is addressed promptly.
It was not immediately clear if the hackers were a Russian-speaking ransomware group that has previously claimed responsibility for previous hacking campaigns.
A spokesperson for the cybersecurity agency did not respond to a CNN question about who was responsible for hacking US agencies or how many agencies were targeted.
Ransomware users identify vulnerable computer systems and illegally gain access to them, by hacking them or by purchasing access credentials, stolen from others, and then deploy the malware within the victim’s computer system, allowing them to encrypt and steal data.
Afterwards, the hackers send a message to the victim asking for a payment in exchange for decrypting the victim’s data or not disclosing it.
Two weeks ago, several prominent American universities, as well as state governments, were subjected to cyberattacks.
Johns Hopkins University in Baltimore said in a statement this week that “sensitive personal and financial information” may have been targeted in the hack.
The University of Georgia and a dozen other public colleges and universities in the state also suffered a cyberattack and announced that an investigation into its scope and severity was underway.
Last week, a Russian-speaking hacking group called CLOP claimed responsibility for some of the latest attacks, which also targeted employees of the BBC, British Airways, oil giant Shell, and the governments of Minnesota and Illinois.
Russian hackers were the first to exploit this vulnerability through which they were able to carry out the attack, but according to what experts told CNN, other groups may have the ability to launch such attacks in the same way.
The group gave its victims until Wednesday to communicate and pay a ransom, after which it began publishing lists of their alleged victims on the Dark Web, but no US federal agency was listed until Thursday morning.
The hackers in the group took advantage of a vulnerability in the MOVEit program, which is widely used to transfer files.
The hacked program was produced by the American company “Progress”, and the latter asked the victims to update their programs and provided them with security advice.
At the end of May, Western intelligence agencies and Microsoft revealed that a Chinese state-sponsored hacking group had spied on a wide range of critical infrastructure organizations in the United States.
And Microsoft added in a report, reported by Reuters, that the espionage targeted the island of Guam, which includes strategic US military bases, and that “mitigating the effects of this attack may represent a difficult challenge.”
