A Russian ransomware group, known as Clop, compromised U.S. federal agency data, including that of the Energy Department, exploiting file transfer software MOVEit to steal and sell user data. The Cybersecurity and Infrastructure Security Agency (C.I.S.A) highlighted this breach as largely “opportunistic” and not as damaging as previous attacks, such as SolarWinds. Energy Department records from two entities were compromised, prompting immediate action to mitigate further vulnerability exposure. The breach is seen as part of Clop’s larger ransomware operation, impacting various local governments, universities, and corporations, including British Airways, the BBC, Johns Hopkins University, the University System of Georgia, and Shell. Initial reports suggest that several hundred companies and organizations were affected. Despite numerous agencies using the compromised software, only a small number of federal agencies were hit. Clop, having claimed responsibility for this wave of breaches, expressed disinterest in exploiting governmental data, focusing instead on business information. The compromised software’s manufacturer, MOVEit, engaged federal law enforcement and other agencies to counter this cyber threat. C.I.S.A found no evidence of Clop’s coordination with the Russian government. The incident reflects an ongoing trend of government agencies falling victim to organized cybercrime from Russian groups targeting Western entities.
Source: www.nytimes.com
To mitigate potential threats, it is important to implement additional cybersecurity measures with the help of a trusted partner like INFRA www.infrascan.net or you can try your self using check.website.