U.S. cyberattack impacts federal agencies, NATO allies

0

Senior government officials are racing to limit the impact of what’s believed to be a global cyberattack affecting U.S. federal agencies and allies, including NATO member countries. 

The Cybersecurity and Infrastructure Security Agency (CISA) confirmed in a statement Thursday that it was providing support to “several federal agencies “that have experienced intrusions affecting their [file transfer] applications.”

“We are working urgently to understand impacts and ensure timely remediation,” the statement continued.

One cybersecurity expert characterized the breach as one of the largest theft and extortion events in recent history. Victims include Johns Hopkins University, the University of Georgia, the BBC and British Airways.

Cybersecurity experts say the hacking gang has been active since at least 2014 and is believed to operate from Russia with the tacit approval of Moscow’s intelligence services. CISA Director Jen Easterly identified the hackers as CLOP Ransomware.

“They’re basically taking data and looking to extort it,” Easterly said. 

Brett Callow, a cyber threat analyst with Emsisoft, told CBS News that there were 47 confirmed victims so far, “plus a number of as yet unidentified U.S. government agencies.” He added that CLOP claimed “hundreds of organizations have been impacted.” 

CLOP works by seizing sensitive data and holding it for ransom, threatening “after 7 days your data will start to be published.” It’s exploiting a vulnerability in a software program called MoveIt Transfer, which is widely used to transfer data. 

A CISA analyst note described CLOP as a ransomware variant that uses a double extortion ransomware strategy. The cybercriminal gang steals the information before encrypting it and then demands a ransom to head off the leaking of that information on CLOP’s ransomware site.

At this point, Easterly says the government is “focused specifically on the federal agencies that may be impacted” and is “working hand-in-hand with them to mitigate the risk.”

“We understand there are businesses, though, around the world,” she added. 

Researcher Bret Callow says victims also include banks and credit unions.

The FBI and CISA warned last week that in late May, a ransomware gang began exploiting a vulnerability in a the file-sharing software MoveIt Transfer.

The FBI declined to comment, but referred CBS News to the security advisory about MoveIt, which also encouraged private sector partners to implement recommended measure to protect themselves from the ransomware and to report any suspicious cyber activity to local FBI offices and CISA.

Nicole Sganga and Robert Legare contributed to this report.

Stay connected with us on social media platform for instant update click here to join our  Twitter, & Facebook

We are now on Telegram. Click here to join our channel (@TechiUpdate) and stay updated with the latest Technology headlines.

For all the latest Education News Click Here 

Read original article here

Denial of responsibility! Rapidtelecast.com is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.
Leave a comment