According to a leading US cybersecurity agency, several federal government agencies in the United States have fallen victim to a global cyberattack that exploits a vulnerability in widely used software.
Eric Goldstein, the executive assistant director for cybersecurity at the US Cybersecurity and Infrastructure Security Agency (CISA), stated that they are providing assistance to affected federal agencies that have experienced breaches in their MOVEit applications. The agency is actively working to understand the extent of the impact and facilitate prompt remediation.
It remains unclear at this time whether the hackers responsible for the intrusions are affiliated with a Russian-speaking ransomware group that has previously claimed responsibility for numerous cyberattacks.
When questioned about the hack and the number of affected agencies, a CISA spokesperson declined to comment.
While some agencies promptly denied being affected by the cyberattack, confirmation from others was slower to emerge. The Transportation Security Administration and the State Department stated that they were not victims of the breach.
CISA Director Jen Easterly expressed confidence that federal agencies would not experience significant consequences from the hacks due to the government’s improved defensive measures.
However, this latest development adds to the growing list of victims in an extensive hacking campaign that commenced two weeks ago, affecting major US universities and state governments. The surge in cyberattacks puts additional pressure on federal officials who have pledged to combat the detrimental impact of ransomware attacks that have disrupted schools, hospitals, and local governments across the country.
