US Government Agencies Hit In Global Cyberattack (cnn.com) 19
An anonymous reader quotes a report from CNN: Several US federal government agencies have been hit in a global cyberattack that exploits a vulnerability in widely used software, according to a top US cybersecurity agency. The US Cybersecurity and Infrastructure Security Agency "is providing support to several federal agencies that have experienced intrusions affecting their MOVEit applications," Eric Goldstein, the agency's executive assistant director for cybersecurity, said in a statement on Thursday to CNN, referring to the software impacted. "We are working urgently to understand impacts and ensure timely remediation." It was not immediately clear if the hackers responsible for breaching the federal agencies were a Russian-speaking ransomware group that has claimed credit for numerous other victims in the hacking campaign.
Agencies were much quicker Thursday to deny they'd been affected by the hacking than to confirm they were. The Transportation Security Administration and the State Department said they were not victims of the hack. CISA Director Jen Easterly told MSNBC on Thursday that she was "confident" that there will not be "significant impacts" to federal agencies from the hacks because of the government's defensive improvements. But the news adds to a growing tally of victims of a sprawling hacking campaign that began two weeks ago and has hit major US universities and state governments. The hacking spree mounts pressure on federal officials who have pledged to put a dent in the scourge of ransomware attacks that have hobbled schools, hospitals and local governments across the US.
The new hacking campaign shows the widespread impact that a single software flaw can have if exploited by skilled criminals. The hackers -- a well-known group whose favored malware emerged in 2019 -- in late May began exploiting a new flaw in a widely used file-transfer software known as MOVEit, appearing to target as many exposed organizations as they could. The opportunistic nature of the hack left a broad swath of organizations vulnerable to extortion. Progress, the US firm that owns the MOVEit software, has also urged victims to update their software packages and has issued security advice.
Agencies were much quicker Thursday to deny they'd been affected by the hacking than to confirm they were. The Transportation Security Administration and the State Department said they were not victims of the hack. CISA Director Jen Easterly told MSNBC on Thursday that she was "confident" that there will not be "significant impacts" to federal agencies from the hacks because of the government's defensive improvements. But the news adds to a growing tally of victims of a sprawling hacking campaign that began two weeks ago and has hit major US universities and state governments. The hacking spree mounts pressure on federal officials who have pledged to put a dent in the scourge of ransomware attacks that have hobbled schools, hospitals and local governments across the US.
The new hacking campaign shows the widespread impact that a single software flaw can have if exploited by skilled criminals. The hackers -- a well-known group whose favored malware emerged in 2019 -- in late May began exploiting a new flaw in a widely used file-transfer software known as MOVEit, appearing to target as many exposed organizations as they could. The opportunistic nature of the hack left a broad swath of organizations vulnerable to extortion. Progress, the US firm that owns the MOVEit software, has also urged victims to update their software packages and has issued security advice.
MOVEit Secure Managed File Transfer Software. (Score:3)
comedy gold! (Score:1)
now where did i put the frikken popcorn?
Progress is traded under PRGS (Score:2)
This company should be put out of business. I can't believe their stock is only down 6% on the news.
Re:Progress is traded under PRGS (Score:5, Interesting)
You must be new here. Try Googling "exploit" followed by any of the following words: Solar Winds, Microsoft, Sun, Adobe, Norton, Apple, Malwarebytes, Logitech, RedHat, Oracle, Android, VLC, WinRAR, Macromedia, or Symantec.
If you shut down every company that produces software that contained an unknown exploit, you wouldn't have any software to use.
MOVEit, MOVEit (Score:1)
Re: (Score:3)
LOL. I had to Google King Julien, but what I found makes the joke even better: https://madagascar.fandom.com/... [fandom.com]
Real 2 Real (Score:3)
Could also happen to FileZilla, no? (Score:2)
They probably all have vulnerabilities if you look hard enough. Orgs do need to move files to get stuff done.
Re: (Score:3)
Re: (Score:3)
Re: (Score:1)
It's just absurd (Score:4, Insightful)
If your systems were compromised for MONTHS and you didn't find out until you read it on reddit or the verge...
WHY ON EARTH would ANYONE EVER believe you when you say "Oh we didn't get hit." No, you are just too incompetent to find it.
It's not an attack but failure to apply patches (Score:5, Interesting)
Re: (Score:2)
There's no excuse for this (Score:2)
This is an Act of War (Score:2)
The US should respond to this as an act of war, as the hackers are supported by or in the employ of China.
The State Department should show some balls on this.
There should also be a protest at the UN.
Glad I'm not a sysop any more (Score:2)
Imagine - not enough to have local backups. Not even enough to have encrypted cloud backups, nor even partnering with another agency/business/etc to shelter a copy for you, and reciprocate. Not even enough to write encrypted tape and drive it home every night.
And intrusion prevention? Sure, all the external threats can be challenged and prevented, but then the internal threats, being careless or naïve users, bringing in the malware after a long weekend of gaming on their work rig, those also need to be
Re: (Score:2)