Zero Day cyberattack on Federal Government and organizations

Cybersafetyconnections June 19, 2023 vol#122 

• Here we go with several federal government agencies and organizations in the U.S becoming victims of cyberattack. 
• Responsible group is Russian cybercriminals Clop. 
• Cyberattack happened because of a vulnerability in a software and this is among a list of growing cyberattacks that have been going on for 2 weeks now. 
• Steps to mitigate cyberattack requires federal officials to take action. 

Zero Day Attack? 

Why wont an exploit be caught? 

CNN reported that several federal government agencies and organizations in the U.S become victims of cyberattack. The US Cybersecurity and Infrastructure Security Agency (CISA) is said to be providing support to several federal agencies that have had their MOVEit software exploited as told by Eric Goldstein, the agency’s executive assistant director for cybersecurity to CNN. This software is used to transfer data and Progressive Software, the maker of MOVEit software reported another vulnerability as this was going on. 

Who is affected? 

Cyber warfare and the Internet of things 

It is alarming to hear that the recent cyberattacks on federal government agencies in the US could have potentially affected hundreds of organizations and businesses, including not-for-profit research centers, state universities, and renowned health systems. 

A top CISA official had told reporters that according to private experts it could have affected hundreds of organizations and businesses. Among those organizations affected are: 

• Department of Energy and affiliated organizations such as Oak Ridge Associated Universities, not-for-profit research center, and the Waste Isolation Pilot Plant in Mexico disposing atomic waste,  
•  Johns Hopkins University may have had sensitive personal and financial information stolen in the hack.  
• Georgia’s state-wide university system covering 40,000-student University of Georgia as well as a dozen other state colleges and universities Georgia’s state-wide university system is investigating the “scope and severity” of a possible cyberattack. 
•  Employees of the BBC, British Airways, oil giant Shell, and state governments in Minnesota and Illinois, among others. 
• Some agencies are quick to deny cyberattack. The Transportation Security Administration and the State Department reported they were not victims of the cyberattack. 

It is crucial for individuals and organizations to take necessary precautions to protect themselves from cyberattacks. It is a reminder that we must remain vigilant and prioritize our cybersecurity to avoid potential risks. 

Who is responsible for the cyberattack? 

About the first cyberwar 

It is concerning to hear about the recent cyberattacks on federal government agencies in the US attributed to the Clop ransomware cybercriminal group. While they are known for demanding high ransoms, it is interesting to note that they have not demanded payment from the victims yet.  

It is important for individuals and organizations to remain vigilant and take necessary precautions to protect themselves against cyberattacks and potential risks. 

Steps to mitigate cyberattack

Herding Cast-Steps 

It is important to prioritize cybersecurity and take steps to mitigate the risk of cyberattacks. 

The US Cybersecurity and Infrastructure Security Agency (CISA) is working to understand the impact and find a timely resolution. 

 The Department of Energy acted by working with law enforcement and affected entities to investigate the incident and minimize the impact of the breach.  

It is also important for individuals and organizations to take their own precautions to further secure their environments. One example of this is Progressive, which communicated with its customers on steps they can take and temporarily took their MOVEit Cloud offline to patch a vulnerability.  

It is crucial for everyone to protect sensitive information and prevent potential harm. 

Subscribe to get the latest post.