Cyberattack targets government agencies and at least two states

(Oleg Reshetnyak via AP)

CNN published an exclusive report yesterday about a global cyberattack that had targeted several US government agencies. The organization behind this is a Russian group responsible for ransomware attacks around the globe.

Advertisement

Clop, the ransomware gang allegedly responsible, is known to demand multimillion-dollar ransoms. But no ransom demands have been made of federal agencies, the senior official told reporters in a background briefing.

…Progress Software, the US firm that makes the software exploited by the hackers, said it had discovered a second vulnerability in the code that the company was working to fix.

The Department of Energy is among multiple federal agencies breached in the ongoing global hacking campaign, a department spokesperson confirmed to CNN…

Since late last month, the hackers have been exploiting a flaw in widely used software known as MOVEit that companies and agencies use to transfer data.

Today, CNN published a follow up which reports massive hacks that have impacted Oregon and Louisiana.

The breach has affected 3.5 million Oregonians with driver’s licenses or state ID cards, and anyone with that documentation in Louisiana, authorities said. The Louisiana governor’s office did not put a number on the number of victims but over 3 million Louisianians hold driver’s licenses, according to public data…

The data exposed in the breach of the Oregon and Louisiana motor vehicle departments may include Social Security numbers and driver’s license numbers, prompting state authorities to advise their residents on how they can protect themselves from identity fraud.

There is no sign that the hackers have sold or released data stolen from the Louisiana Office of Motor Vehicles, and the hackers have not contacted the state government, the office of Louisiana Gov. John Bel Edwards said in a statement.

Advertisement

Previous hacks by this same group have targeted Johns Hopkins University in Baltimore and the University System of Georgia. The group began posting names of companies it claimed to have hacked on a dark web site Wednesday.

On Wednesday, the hacker group Clop began posting names of firms to its website on the darknet…

Twenty six organisations including banks and universities have been added to try to pressure victims into paying…

The mass hack is likely to have affected hundreds of organisations around the world with around 50 so far confirmed either by the firms themselves or by the hackers.

On the hacker’s so called ‘leak site’ there are companies from the US, Germany, Belgium, Switzerland and Canada.

Oil giant Shell was posted on Wednesday and has since confirmed it is a victim.

We’ve seen this before of course. Back in 2021, a cyberattack shut down a major gasoline pipeline on the east coast. That was also carried out by Russian ransomware hackers who claimed they were apolitical. There may be some truth to the idea that these groups are just after money. If so, why bother hacking federal agencies and then not demanding money from them? These groups only ply their trade against organizations outside of Russia. In theory, Putin could put a stop to this by would he. The hackers are sowing chaos amongst his enemies.

Advertisement

Here’s a CBS News report on the cyberattack featuring Catherine Herridge.

Join the conversation as a VIP Member

Trending on HotAir Videos

Advertisement
Advertisement
Advertisement
Ed Morrissey 10:00 PM | November 22, 2024
Advertisement