Earlier this morning, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) reported to CNN that a global cyberattack has targeted multiple U.S. federal government agencies. The repercussions of the hacking, the number of agencies affected, and even who carried out the attack, are still not publicly known at the time of this writing.
According to CISA executive assistant director for cybersecurity Eric Goldstein, the agency is currently “providing support to several federal agencies that have experienced intrusions” and “are working urgently to understand impacts and ensure timely remediation.” CISA has not yet confirmed who is responsible for the breaches, or if the agency even knows itself.
Cybersecurity has become a major component in the country’s defense in the last several years. A lot of important physical infrastructure, like power and communications, can be affected by hacking. It’s presumed that in the event of a shooting war with another nation, cyber attacks would play a major role, possibly even as the first strike.
It’s unclear if this attack is part of a larger wave of incidents
A Russian-speaking hacking group known as “CLOP” claimed credit for major cyber attacks last week on several institutions, including Johns Hopkins University, Georgia’s state-wide university system, the BBC, British Airways, and Shell. These institutions were not necessarily targeted specifically, but were part of a larger hack where CLOP claims to have breached the file-transfer software “MOVEit” — used by many of these groups — via a zero-day exploit. CLOP, a group that isn’t known to be state-affiliated, arose in 2019 and used the data breaches as part of a ransomware ultimatum.
Other institutions affected by the MOVEit hack included state and provincial governments including Minnesota, Illinois, and Nova Scotia. However, the group says it would not exploit any stolen data from governments. According to a statement on CLOP’s website, “If you are a government, city, or police service, do not worry, we erased all your data … We have no interest to expose such information.”
Despite this, considering how close the MOVEit hack was to this morning’s cyber attack on federal agencies, CLOP likely has not been ruled out as a suspect. Either way, multiple attacks in such a short period of time is only highlighting the vulnerabilities both major companies and the U.S. government have in cybersecurity. As technology advances and global politics become more fraught, it’s become increasingly clear that even stronger defense measures are needed to prevent ransomware and other cyber attacks.