Jane Edwards
A Russian ransomware group called Clop gained access to data of the Department of Energy and other federal agencies, corporations and universities by exploiting a vulnerability in file transfer software MOVEit, The New York Times reported Thursday.
Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency, described the cyberattack as “opportunistic” and noted that the breach did not focus on “specific high-valuable information.”
“Although we are very concerned about this campaign, this is not a campaign like SolarWinds that poses a systemic risk,” Easterly, a two-time Wash100 awardee, told reporters on Thursday.
The official said CISA had no evidence that Clop was carrying out the attack in coordination with the government of Russia.
Chad Smith, press secretary for DOE, said the department immediately launched measures to mitigate further exposure to the software vulnerability.
A representative for Progress Software-owned MOVEit said the company had “engaged with federal law enforcement and other agencies” and would “combat increasingly sophisticated and persistent cybercriminals intent on maliciously exploiting vulnerabilities in widely used software products.”
Robert Carey, president of Cloudera Government Solutions, said attackers that stole data through ransomware attacks can easily sell the data to other threat actors.
“Anyone who’s using this is likely compromised,” Carey said of the software mentioned in the breach.
