On Thursday, Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly confirmed that U.S. government networks had fallen victim to a cyberattack, affecting several federal agencies. CISA, a part of the Department of Homeland Security, had previously identified a gap in software security that was believed to have been exploited in the attack.
The focus of the cyber intrusion is believed to be an electronic file transfer application called MOVEit Transfer. While officials have not provided details on the extent of the attack or the number of agencies impacted, a spokesperson for Mandiant, the cyber intelligence arm of Google Cloud, confirmed that government data had been stolen in the incident.
CISA officials have not attributed the attack to any specific entity and have declined to provide further information about the perpetrators. However, they did downplay the severity of the attack compared to the SolarWinds hack that occurred in 2020, which had a far-reaching impact on government systems.
A senior CISA official described the latest attack as relatively small in scope. Earlier, CISA and the FBI had released a joint advisory noting the vulnerability of the file transfer software to ransomware attacks, where data is either locked or stolen, and a ransom is demanded for its release.
In response to the incident, the FBI emphasized its commitment to sharing information promptly to help organizations protect themselves against malicious cyber actors. MOVEit, the software targeted in the attack, stated that it is taking measures to enhance security, including applying necessary patches.
The incident highlights the ongoing threat posed by cybercriminals and the need for robust cybersecurity measures across government agencies. Authorities are actively working to investigate the attack, identify the responsible parties, and strengthen defenses to prevent future intrusions.
The collaboration between government agencies, private sector cybersecurity firms, and law enforcement is crucial in combating increasingly sophisticated cyber threats. The industry-wide effort to address vulnerabilities in widely used software products is essential to protect sensitive government data and ensure the security and resilience of critical systems.
Discover more from True News Media
Subscribe to get the latest posts sent to your email.
someone sold the information, maybe Zuckerberg, again.
Also, evil Hitlerites/Communists are stinking up our White House…
With the FBI involved we’ll never get the truth of what actually happened…
Some morons probably open some attachments that they were never expecting and vulnerabilities were created in the software. Sometimes the utility of a software package lead to weaknesses in the security of such.
If I had stock in the maker of the software, I be selling it now. In the environment we live now ALL software packages and upgrades should be tested for weaknesses by white hat hackers. Also lots of those utilities should be use in an intranet environment not open to access from the outside. Convenience lead weaknesses .If something is really vital and important, it should not be able to be accessed from any computer in the outside OR at least use a 2 level authorization process