A Russian group of “hackers” managed to infiltrate various agencies of the United States Governmentas announced this Thursday by the Cybersecurity and Infrastructure Security Agency (CISA, for its acronym in English).
Behind the cyberattack there is the group “CL0P“, also known as “TA505” and which has its base of operations in Russia, said a senior US government official in statements to the press. That source explained that, for now, there is no evidence to indicate that the “hackers” acted in coordination with the Russian Government.
In a telephone press conference, CISA director Jen Easterly assured that the attack “will not have a significant impact” in the activities of the Government and explained that it is a campaign of small-scale cyberattacks.
Easterly assured that what happened has nothing to do with the massive cyberattack that Russian agents perpetrated in 2019 against some 18,000 US government agencies and large companies in the country, taking advantage of problems in the SolarWinds platform.
In this case, the attackers exploited a vulnerability in software called “MOVEit”, which is frequently used in the federal government to encrypt files and transfer data.
According to the information disclosed this Thursday, the “hackers” used that vulnerability to infect with programs malicious computers, steal data, and then demand a reward from the victims.
Ipswitch, the company that developed that software, gave details on June 5 in a statement of the vulnerability that had been discovered in “MOVEit” and announced that it had opened an investigation, in addition to working with its customers to prevent any harm.
Two days later, on June 7, CISA itself published a report asking government agencies to exercise caution and already pointing to “CL0P” as the culprit.
This new attack is added to those suffered in recent weeks by universities, hospitals and local governments in the United States.
Among the victims is the Johns Hopkins University in Baltimore and the health centers associated with that educational center, which on May 31 suffered a cyberattack that resulted in the theft of personal informationfrom patient names to bank details, as reported by the institution yesterday, Wednesday, in a statement.
Related news
Likewise, the Georgia state university system, which includes the University of Georgia, with 40,000 students, and another dozen centers of higher education, announced Wednesday who had suffered a cyber attack and was studying its “range” and “severity”.
The state governments of Illinois and Minnesota also suffered a cyberattack at the end of May, as announced in recent days.