Breaking news: Several U.S. federal departments hit by MOVEit hack

Share post:

Several U.S. government departments are the latest reported victims of the hack of the MOVEit file transfer tool.

CNN quotes the U.S. Cybersecurity and Infrastructure Security Agency as saying it is providing support to several federal agencies that have experienced intrusions affecting their MOVEit applications.

“We are working urgently to understand impacts and ensure timely remediation,” Eric Goldstein, the agency’s executive assistant director for cybersecurity, told CNN.

If this was one of the Clop affiliates, commented Erich Kron, security awareness advocate at KnowBe4, it is a very brazen move as it is likely to draw some serious attention from the federal government. “Many cyber gangs, even those backed by nation-state players, try to avoid the focused attention of the U.S. government and its allies. Some significant cybercrime groups have fallen after they have become a focused target of the government, and this sort of attack is likely to put them straight in the crosshairs of the response teams.”

The news comes as the Clop ransomware gang, which found and exploited a vulnerability in MOVEit, released a list of alleged victims. That list included three U.S. financial institutions and energy provider Shell. Until now, victims of the MOVEit compromise, including the BBC, British Airways, and Nova Scotia’s healthcare system, had individually acknowledged being hit.

CNN says the ransomware group had given victims until Wednesday to contact them about paying a ransom, after which they began listing more alleged victims from the hack on their website on the dark web.

Separately, the U.S. Justice Department said a Russian national had been arrested for his alleged involvement in deploying numerous LockBit ransomware and other cyberattacks against victim computer systems in the United States, Asia, Europe, and Africa.

“This LockBit-related arrest, the second in six months, underscores the Justice Department’s unwavering commitment to hold ransomware actors accountable,” said Deputy Attorney General Lisa Monaco. “In securing the arrest of a second Russian national affiliated with the LockBit ransomware, the department has once again demonstrated the long arm of the law. We will continue to use every tool at our disposal to disrupt cybercrime, and while cybercriminals may continue to run, they ultimately cannot hide.”

According to a criminal complaint obtained in the District of New Jersey, from at least as early as August 2020 to March 2023, the accused man allegedly participated in a conspiracy with other members of the LockBit ransomware campaign to commit wire fraud and to intentionally damage protected computers and make ransom demands through the use and deployment of ransomware. That includes allegedly executing at least five attacks against victim computer systems in the United States and abroad.

The man is the third person charged by the U.S. with allegedly being involved LockBit global ransomware campaign, and the second to be actually apprehended.

The post Breaking news: Several U.S. federal departments hit by MOVEit hack first appeared on IT World Canada.
Howard Solomon
Howard Solomonhttps://www.itworldcanada.com
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

SUBSCRIBE NOW

Related articles

YouTubers Targeted As Cyberattackers Hide Infostealers in YouTube Comments, Google Search Results

Attackers have found a new way to infect people seeking pirated or cracked software: planting malicious download links...

New macOS Malware Exploits Apple’s Security Features to Stay Hidden and Steal User Data

A newly discovered variant of the Banshee macOS Stealer malware is putting 100 million Apple users at risk...

Microsoft MFA Outage Blocks Access to Microsoft 365 Apps, Raising Cloud Reliability Concerns

Microsoft faced another significant service disruption over the weekend, with a Multi-Factor Authentication (MFA) outage that blocked users...

Cyber Attack Hits Key Dutch University, Raising Concerns for Chip Giant ASML

Eindhoven University of Technology, a critical partner for semiconductor giant ASML Holding NV, has been hit by a...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways