Multiple US government agencies have fallen victim to a worldwide cyberattack that capitalizes on a security flaw found in commonly utilized software, CNN reported.
US government agencies receive support amid cyberattack on vulnerable software, confirms CISA
The US Cybersecurity and Infrastructure Security Agency (CISA) “is providing support to several federal agencies that have experienced intrusions” impacting vulnerable software exploited by the hackers,” stated Eric Goldstein, the executive assistant director for cybersecurity at CISA, in a statement to CNN on Thursday. “We are working urgently to understand impacts and ensure timely remediation.”
It remains uncertain if the cyberattackers responsible for breaching the federal agencies are a Russian-speaking ransomware group that has claimed responsibility for numerous other victims in the hacking campaign.
When CNN inquired about the identity of the hackers behind the federal agencies’ breach and the number of agencies affected, a CISA spokesperson declined to comment.
However, this development contributes to an expanding list of targets affected by an extensive hacking campaign that commenced two weeks ago, impacting prominent US universities and state governments.
The series of cyberattacks further intensifies the pressure on federal authorities who have committed to combating the pervasive issue of ransomware attacks, which have severely disrupted educational institutions, healthcare facilities, and local governmental bodies throughout the United States.
According to a recent statement from Johns Hopkins University in Baltimore and its distinguished health system, there is a possibility that the hack may have resulted in the theft of “sensitive personal and financial information,” which includes health billing records.
Russian-speaking hackers claim responsibility as Georgia university system investigates cyberattack scope
In the meantime, the statewide university system in Georgia, encompassing the University of Georgia with its 40,000 students and numerous other state colleges and universities, has confirmed that it is investigating the “scope and severity” of the cyberattack.
A group of hackers fluent in the Russian language, known as CLOP, asserted responsibility for some of these breaches last week. The victims include employees of the BBC, British Airways, oil conglomerate Shell, as well as state governments in Minnesota and Illinois, among others.
While the Russian hackers were the initial exploiters of the vulnerability, experts warn that other groups might now possess the necessary software code to carry out similar attacks, CNN reported.
