Several US federal government agencies and prominent institutions have fallen victim to a widespread cyber attack that exploited a vulnerability in widely used file transfer software.
The hacking campaign targeted institutions in the US, UK and other countries, with attackers penetrating their systems through compromised MOVEit Transfer software.
The Cybersecurity and Infrastructure Security Agency (CISA) confirmed the attacks, expressing urgency in understanding the impact and implementing remedial measures. The U.S. agencies affected and the extent of the damage were not disclosed.
“We are working urgently to understand the impact and ensure timely remediation,” Eric Goldstein, CISA’s executive assistant director for cybersecurity, said in a statement.
Among the institutions affected were British energy giant Shell, Johns Hopkins University and Health System, the University System of Georgia and other large organizations. While the full scope of the breach is still being assessed, Shell reported that only a few employees and customers were affected, with no evidence of damage to core IT systems.
Cyber attacks on Johns Hopkins University and the University System of Georgia highlighted the potential compromise of sensitive information, including personal and financial data. It is important to assess the severity of data exposure and take appropriate action.
The incidents follow previous attacks on the UK’s telecoms regulator, British Airways and JEE News. The UK telecoms regulator admitted to the data breach, while British Airways, Boots and JEE News faced the exposure of tens of thousands of employees’ personal information.
Progress Software, the maker of MOVEit Transfer, disclosed a critical vulnerability in the software, but it is uncertain whether hackers exploited it. Online extortion group Cl0p, which claimed responsibility for the MOVEit hack, announced that government-related data had been wiped, providing some reassurance.
Shell spokeswoman Anna Arata said there was no evidence Shell’s core IT systems were affected. “There are about 50 users of this tool, and we are immediately investigating whether data was affected.”
The cybersecurity community, including federal agencies such as the FBI, NSA and CISA, is actively investigating these breaches. Despite the ongoing investigation, CISA Director Jen Easterly expressed confidence in the minimal impact on federal agencies due to enhanced defenses.
This wave of cyber attacks highlights the significant impact that a software flaw can have when exploited by skilled hackers. Victims are urged to update their software packages and follow the security instructions provided by Progress Software.
The continued increase in ransomware attacks underscores the need for heightened cybersecurity measures and vigilance to protect vulnerable systems and sensitive data from emerging threats across the digital landscape.