Russian Cybercriminals Attack US Federal Government Agencies, Private Companies

Multiple federal agencies including the Department of Energy and various private companies and organizations have reported breaches in an ongoing global cyberattack by Russian cybercriminals.

The Cybersecurity and Infrastructure Security Agency said the cybercriminals have exploited a vulnerability in MOVEit, a managed file transfer software used worldwide to provide visibility and control over file transfer activities.

CISA Executive Assistant Director for Cybersecurity Eric Goldstein said his agency is providing support to federal agencies that have reported intrusions affecting their MOVEit applications, CNN reported.

Ransomware gang Clop, known for demanding money from its victims, is said to be responsible for the attack. The group has been extorting ransom money from private sector victims and listing hacking victims on their extortion site on the dark web.

The hackers did not list any federal agency as of Thursday morning. Instead, the hackers wrote that they have erased all data from government, city or police services as they have no interest in exposing such information.