Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
Security Government United States

US Government Agencies Hit In Global Cyberattack (cnn.com) 19

Posted by BeauHD from the latest-developments dept.
An anonymous reader quotes a report from CNN: Several US federal government agencies have been hit in a global cyberattack that exploits a vulnerability in widely used software, according to a top US cybersecurity agency. The US Cybersecurity and Infrastructure Security Agency "is providing support to several federal agencies that have experienced intrusions affecting their MOVEit applications," Eric Goldstein, the agency's executive assistant director for cybersecurity, said in a statement on Thursday to CNN, referring to the software impacted. "We are working urgently to understand impacts and ensure timely remediation." It was not immediately clear if the hackers responsible for breaching the federal agencies were a Russian-speaking ransomware group that has claimed credit for numerous other victims in the hacking campaign.

Agencies were much quicker Thursday to deny they'd been affected by the hacking than to confirm they were. The Transportation Security Administration and the State Department said they were not victims of the hack. CISA Director Jen Easterly told MSNBC on Thursday that she was "confident" that there will not be "significant impacts" to federal agencies from the hacks because of the government's defensive improvements. But the news adds to a growing tally of victims of a sprawling hacking campaign that began two weeks ago and has hit major US universities and state governments. The hacking spree mounts pressure on federal officials who have pledged to put a dent in the scourge of ransomware attacks that have hobbled schools, hospitals and local governments across the US.

The new hacking campaign shows the widespread impact that a single software flaw can have if exploited by skilled criminals. The hackers -- a well-known group whose favored malware emerged in 2019 -- in late May began exploiting a new flaw in a widely used file-transfer software known as MOVEit, appearing to target as many exposed organizations as they could. The opportunistic nature of the hack left a broad swath of organizations vulnerable to extortion. Progress, the US firm that owns the MOVEit software, has also urged victims to update their software packages and has issued security advice.
This discussion has been archived. No new comments can be posted.

US Government Agencies Hit In Global Cyberattack More

US Government Agencies Hit In Global Cyberattack

Comments Filter:

  • MOVEit Secure Managed File Transfer Software. (Score:3)

    by oldgraybeard ( 2939809 ) on Thursday June 15, 2023 @05:02PM (#63606160)
    So much for the Secure part!

  • now where did i put the frikken popcorn?

  • This company should be put out of business. I can't believe their stock is only down 6% on the news.

    • Re:Progress is traded under PRGS (Score:5, Interesting)

      by CaptQuark ( 2706165 ) on Thursday June 15, 2023 @08:29PM (#63606520)

      You must be new here. Try Googling "exploit" followed by any of the following words: Solar Winds, Microsoft, Sun, Adobe, Norton, Apple, Malwarebytes, Logitech, RedHat, Oracle, Android, VLC, WinRAR, Macromedia, or Symantec.

      If you shut down every company that produces software that contained an unknown exploit, you wouldn't have any software to use.

  • Well, they like to MOVEit, MOVEit, they like to MOVEit, MOVEit. Maybe King Julian can help them with this?

  • They probably all have vulnerabilities if you look hard enough. Orgs do need to move files to get stuff done.

    • Re: (Score:3)

      by SB5407 ( 4372273 )
      It's very true! Many popular malware tools out there automatically hoover up the saved FileZilla creds on a machine when the malware runs.
  • Comment removed based on user account deletion

  • It's just absurd (Score:4, Insightful)

    by gavron ( 1300111 ) on Thursday June 15, 2023 @07:13PM (#63606402)

    If your systems were compromised for MONTHS and you didn't find out until you read it on reddit or the verge...
    WHY ON EARTH would ANYONE EVER believe you when you say "Oh we didn't get hit." No, you are just too incompetent to find it.

  • It's not an attack but failure to apply patches (Score:5, Interesting)

    by Canberra1 ( 3475749 ) on Thursday June 15, 2023 @08:38PM (#63606542)
    1) Know your 3rd party software vendor(s) 2) Keep your stuff patched 3) Dump vendor when patches / maintenance fall behind 4) Dump vendor when next round of patches reveal they have been lazy / not on the ball 5) Repeat for all software vendors 6) Cut costs by using Open source. Basically each entity expected the usual patch alert system to give them a month or so window to patch things. However moving files was built into backups and transaction tapes etc, and probably un-monitored. 7) Dig up the risk assessment for this ISV - then fire the responsible person for rubber stamping the status quo.
    • In a perfect world, yes. In a company larger than a Mom-and-Pop, much of this is impossible. Especially numbers 1, 6, and 7. You can never actually "know" your vendor, beyond the slick salesperson visiting you every few months with donuts who is telling you "trust us". Open source is great if you have the talent and time to use it...it's never plug-and-play. And you can't just fire people willy-nilly.
  • We get alerts/notifications about these vulnerabilities all the time and too many people in charge of maintaining their systems still aren't prioritizing patching and security. Getting burned by known vulnerabilities (rather than zero day) is ridiculous.

  • The US should respond to this as an act of war, as the hackers are supported by or in the employ of China.

    The State Department should show some balls on this.
    There should also be a protest at the UN.

  • Imagine - not enough to have local backups. Not even enough to have encrypted cloud backups, nor even partnering with another agency/business/etc to shelter a copy for you, and reciprocate. Not even enough to write encrypted tape and drive it home every night.

    And intrusion prevention? Sure, all the external threats can be challenged and prevented, but then the internal threats, being careless or naïve users, bringing in the malware after a long weekend of gaming on their work rig, those also need to be

    • Mod Up. Informative - with some poor assumptions. But all orgs should aim to get bang for buck. Forget Zero Trust - it will never happen. Right now there are donations flowing and NO software company will ever have to show something akin to a nutrition label and a food safety score. Software is still sold on 'All care, no responsibility'. All those .gov dept's are NOT sharing and talking about vendors. Clearly rather than do something - there is a 'lets shut these bad guys down' movement, when whack a mole

Slashdot Top Deals

Congratulations! You are the one-millionth user to log into our system. If there's anything special we can do for you, anything at all, don't hesitate to ask!

Close