AI DevwWrld Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit

US federal agencies in the crosshairs of a global cyberattack

A sophisticated cyber-attack exploits software vulnerabilities, targeting critical infrastructure and causing national security concerns

This pill is also available in Italian language

Several US federal agencies have been hit by a global cyberattack that exploited a software vulnerability, CNN reported. Eric Goldstein, assistant executive director for cybersecurity at the Cybersecurity and Infrastructure Security Agency (CISA), said his agency "is providing support to several federal agencies that have experienced intrusions" as a result of the hacking attack. Goldstein declared the urgency in understanding the extent of the impacts and ensuring a timely remedy, without however mentioning those responsible for the attack.

Critical US infrastructure outages expected

This event followed warnings from CISA director Jen Easterly, who said that Chinese hackers could cause disruption to critical US infrastructure in the event of a conflict between the two nations. Easterly, at an event hosted by the Aspen Institute, said: "Given the formidable nature of the threat from Chinese state actors, given the size of their capability, given the effort and resources they are putting into it, it will be very, very difficult for us to prevent disruption." These statements come at a time of growing tension between the United States and China, which has also spilled over into cyberspace.

Impact and consequences of the cyber attack

It's not immediately clear whether the attackers responsible for the intrusion into federal agencies are a Russian-speaking ransomware group that has claimed responsibility for numerous other attacks. The recent attack has added to the victim list of a hacking campaign that began two weeks ago and targeted major US universities and state governments, putting pressure on federal authorities as they fight the scourge of ransomware attacks that have destabilized schools, hospitals and local governments across the country.

Technical details and safety advice

A group of Russian-speaking hackers known as CLOP has claimed responsibility for some of the attacks, including those that targeted employees of the BBC, British Airways, oil giant Shell, and the state governments of Minnesota and Illinois, among others. These attackers were the first to exploit the vulnerability, but experts now believe that other groups may have access to the software code needed to carry out attacks. The ransomware group had given victims until Wednesday to contact them about paying a ransom, after which they began listing other alleged victims of the attack on their dark web extortion site. Progress, the US company that owns the MOVEit software, has urged victims to update their software packages and provided safety advice.

Follow us on Twitter for more pills like this

06/15/2023 18:59

Editorial AI

Complementary pills

Ransomware Clop affects the main global legal companies: the risk is massive data theftLinked to Clop, attackers exploited MOVEit software vulnerabilities, strike during Memorial Day holiday

Russian group Clop attacks US government agenciesThe Clop emerges as a possible leading actor. The group, active since 2018, targets organizations affected by a specific vulnerability

Louisiana big data breach: personal safety appealAfter massive cybersecurity attack, experts and organizations urge citizens to protect their sensitive information and safeguard their credit

The US fears Chinese attacks on critical infrastructureIn a climate of growing tension, US authorities predict potential sabotage of their infrastructure by Chinese hackers

Last pills

Black Basta hits Synlab: analysis of the attack and cybersecurity lessons for the healthcare sectorCyber defense strategies: how to protect healthcare infrastructures from ransomware

Google releases an emergency update for ChromeUrgent update to fix critical vulnerability in Chrome, users advised to install it immediately

Leak of sensitive data from Europol according to hacker claimsArtificial intelligence and preventive measures at the center of the cybersecurity debate

Large-scale data leak for Dell: impacts and responsesData of 49 million users exposed: IT security and privacy concerns