Several US government agencies targeted in cyberattack
The attack exploits a security flaw in a file transfer program
Your support helps us to tell the story
As your White House correspondent, I ask the tough questions and seek the answers that matter.
Your support enables me to be in the room, pressing for transparency and accountability. Without your contributions, we wouldn't have the resources to challenge those in power.
Your donation makes it possible for us to keep doing this important work, keeping you informed every step of the way to the November election
Andrew Feinberg
White House Correspondent
A number of US government agencies were targeted in a cyberattack, according to the US Cybersecurity and Infrastructure Security Agency.
The agency released a statement on Thursday following the attack, saying it is "providing support to several federal agencies that have experienced intrusions.”
It is currently unclear who carried out the attack. Officials are investigating whether or not the attack is connected to a series of other hacking incursions that have been reported over the last two weeks.
The attack may be tied to a group of Russian hackers who have claimed responsibility for several recent cyberattacks.
CISA would not provide a comment outlining the number of agencies impacted by the hack or the severity of the breaches, according to CNN.
The sprawling hacking campaign reportedly began in earnest approximately two weeks ago, targeting universities and state government agencies.
Johns Hopkins University in Baltimore reported that its "sensitive personal and financial information" – which includes health billing records — may have been compromised. State agencies in Missouri, Minnesota and Illinois were also impacted.
The attackers did not solely focus on the US; the BBC, British Airways, and the Shell oil company also reported hacks within the last two weeks.
The group claiming credit for the attack calls itself CLOP, and used ransomware attacks to effectively rob its targets.
CLOP posted the names of its alleged victims on its dark web site, though as of Thursday the site did not list any US federal agencies.
The attacks exploit a security flaw in a common file transfer program called MOVEIt.
Subscribe to Independent Premium to bookmark this article
Want to bookmark your favourite articles and stories to read or reference later? Start your Independent Premium subscription today.
Join our commenting forum
Join thought-provoking conversations, follow other Independent readers and see their replies
Comments