New cyberattack against multiple U.S. government agencies detected
The U.S. Cybersecurity and Infrastructure Security Agency said they were already working to mitigate the risks.
This Thursday, several federal agencies were victims of a cyberattack that took advantage of a vulnerability in one of the most widely used software by governments and companies worldwide.
According to Eric Goldstein, deputy executive director of the U.S. Cybersecurity and Infrastructure Security Agency (CISA), hard work is underway to determine the consequences of the attack and attempt to remediate the problem.
CISA has not clarified precisely which federal agencies were breached but clarified that the software that was breached is used for file transfer and is called "MOVEit."
"These vulnerabilities are pretty common in software, and our job is to work with businesses to ensure they have the resources and tools to mitigate that risk. Right now, we're focused specifically on those federal agencies that may be impacted, and we're working hand in hand with them to be able to mitigate that risk," said Jen Easterly, director of CISA.
Online group claims responsibility for attack
A cybercriminal network known as Cl0p claimed responsibility for the attack and said it does not plan to export any data from government agencies.
"If you are a government, city or police service, do not worry, we erased all your data," the group stated.
Other attacks
In the last decade, the government has suffered several cyber attacks. Earlier this year, the FBI suffered a hack of its network involving a child sexual exploitation computer system.
In 2021, someone contacted law enforcement with the FBI's legitimate email address. A widespread cyber espionage operation by hackers linked to Russian intelligence was also uncovered in 2020. In 2015, the Office of Personnel Management (OPM) had federal employee records stolen and that attack was attributed to Chinese hackers.
U.S. must prepare for sabotage
Shortly before the cyber attack, Easterly reported that China has been investing in advancing cyber technologies created to sabotage U.S. infrastructure and warned that the U.S. should prepare for "aggressive" sabotage by Chinese hackers.
Although the CISA director at the time stated that the cyber attack would occur in the event of a conflict, she warned that the United States may not be prepared to prevent attacks and this recent intrusion may prove it.