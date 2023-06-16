SUBSCRIBE
62
0
Security

Breaking news: Several U.S. federal departments hit by MOVEit hack

Howard Solomon

Several U.S. government departments are the latest reported victims of the hack of the MOVEit file transfer tool.

CNN quotes the U.S. Cybersecurity and Infrastructure Security Agency as saying it is providing support to several federal agencies that have experienced intrusions affecting their MOVEit applications.

“We are working urgently to understand impacts and ensure timely remediation,” Eric Goldstein, the agency’s executive assistant director for cybersecurity, told CNN.

If this was one of the Clop affiliates, commented Erich Kron, security awareness advocate at KnowBe4, it is a very brazen move as it is likely to draw some serious attention from the federal government. “Many cyber gangs, even those backed by nation-state players, try to avoid the focused attention of the U.S. government and its allies. Some significant cybercrime groups have fallen after they have become a focused target of the government, and this sort of attack is likely to put them straight in the crosshairs of the response teams.”

The news comes as the Clop ransomware gang, which found and exploited a vulnerability in MOVEit, released a list of alleged victims. That list included three U.S. financial institutions and energy provider Shell. Until now, victims of the MOVEit compromise, including the BBC, British Airways, and Nova Scotia’s healthcare system, had individually acknowledged being hit.

CNN says the ransomware group had given victims until Wednesday to contact them about paying a ransom, after which they began listing more alleged victims from the hack on their website on the dark web.

Separately, the U.S. Justice Department said a Russian national had been arrested for his alleged involvement in deploying numerous LockBit ransomware and other cyberattacks against victim computer systems in the United States, Asia, Europe, and Africa.

“This LockBit-related arrest, the second in six months, underscores the Justice Department’s unwavering commitment to hold ransomware actors accountable,” said Deputy Attorney General Lisa Monaco. “In securing the arrest of a second Russian national affiliated with the LockBit ransomware, the department has once again demonstrated the long arm of the law. We will continue to use every tool at our disposal to disrupt cybercrime, and while cybercriminals may continue to run, they ultimately cannot hide.”

According to a criminal complaint obtained in the District of New Jersey, from at least as early as August 2020 to March 2023, the accused man allegedly participated in a conspiracy with other members of the LockBit ransomware campaign to commit wire fraud and to intentionally damage protected computers and make ransom demands through the use and deployment of ransomware. That includes allegedly executing at least five attacks against victim computer systems in the United States and abroad.

The man is the third person charged by the U.S. with allegedly being involved LockBit global ransomware campaign, and the second to be actually apprehended.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com
Previous article
Everything you want to know about the LockBit ransomware gang
Next article
OWASP releases list of Top 10 API security risks

Related Tech News

Featured Tech Jobs

 

More from Howard Solomon

CDN in your inbox

CDN delivers a critical analysis of the competitive landscape detailing both the challenges and opportunities facing solution providers. CDN's email newsletter details the most important news and commentary from the channel.

SUBSCRIBE

Channel Daily News

Channel Daily News (CDN) — the voice of the IT solution provider community for more than thirty years — is the most widely read and trusted source of information for channel executives.

Latest news

Channel Bytes June 16, 2023 – Logitech CEO departs; Blancco updates partner program; Nominations open for Women in the IT Channel awards; and more

Channel Strategy
Staying informed is a constant challenge. There's so much...

Another vulnerability in MOVEit Transfer found, admins urged to disable web access

Security
Progress Software, developer of the compromised MOVEit file transfer...

OWASP releases list of Top 10 API security risks

Development
The Open Worldwide Application Security Project (OWASP) has released...

Popular this week

ITWC network