Russian hacking group infiltrates several U.S. government agencies
Russian ‘hacker’ group managed to infiltrate several U.S. government agencies, the Cybersecurity and Infrastructure Security Agency (CISA) announced Thursday.
Behind the cyberattack is. the ‘CL0P’ group, also known as ‘TA505’, which is based in Russia, a senior U.S. government official has said.
That source has explained that, for now, there is no evidence to indicate that the ‘hackers’ acted in coordination with the Russian government.
In a telephone press conference, CISA director Jen Easterly assured that. the attack “will not have a significant impact” on government activities and has explained that it is a small-scale cyberattack campaign.
Easterly has said that what happened Has nothing to do with the massive cyberattack they perpetrated in 2019. Russian agents against some 18,000 U.S. government agencies and major U.S. companies, exploiting problems in the SolarWinds platform.
In this case, the attackers have taken advantage of. a vulnerability in a software called “MOVEit”.which is frequently used by the federal government to encrypt files and transfer data.
According to information disclosed Thursday, hackers used the vulnerability to infect computers with malwaresteal data and then demand a reward from the victims.
Ipswitchthe company that developed the software, gave details on June 5 in a statement of the vulnerability that had been discovered in “MOVEit” and announced that it had opened an investigation and was working with its customers to prevent any damage.
Two days later, on June 7, CISA itself published a report that. called on government agencies to exercise caution. and was already pointing to “CL0P” as the culprit.
This new attack adds to those suffered in recent weeks by universities, hospitals and local governments in the United States.
Among the victims are. Johns Hopkins University in Baltimore and the health centers associated with that educational institution, which last May 31 suffered a cyber-attack that resulted in the theft of personal information, from patient names to bank details, the institution said in a statement yesterday, Wednesday.
Also, the state university system of Georgiawhich includes the 40,000-student University of Georgia and a dozen other institutions of higher education, announced Wednesday that it will had suffered a cyber attack and was studying its “scope” and “severity”.
The state governments of Illinois and Minnesota also suffered a cyberattack in late May, they announced in recent days.