U.S. government agencies hacked in Russian cyberattack 

Several U.S. agencies were hacked by Russian cybercriminals as part of a global cyberattack that affected dozens of companies, a top U.S. cybersecurity agency said on Thursday. 

U.S. government agencies and “several hundred” companies and organizations around the country were hacked by cybercriminals who exploited a vulnerability in the program MOVEIt, used for transferring files quickly, CNN first reported. 

The country’s top cybersecurity watchdog, the Cybersecurity and Infrastructure Security Agency (CISA), said that it is investigating the hacks and “providing support to several federal agencies” that were affected. 

 “We are working urgently to understand impacts and ensure timely remediation,” said CISA’s executive assistant director for cybersecurity Eric Goldstein.   

It wasn’t immediately clear whether the stolen files were sensitive. So far, the hack has not had any “significant impacts” on federal civilian agencies. CISA declined to identify which federal agencies had been affected by the hack. 

The Energy Department, however, confirmed in a statement that two of the entities within the department had been “compromised” by the hackers. 

CISA Director Jen Easterly said the agency was tracking the hackers “as a well-known ransomware group” that goes by the name CLOP. The Russian-speaking cybercrime gang has previously hacked into other organizations, stolen files, and demanded millions of dollars in payment to not publish them online. 

The ransomware group listed all of its victims and gave them until Wednesday to contact them about paying the ransom. As of Thursday, the group had not added any government agency to the list.

“If you are a government, city, or police service do not worry, we erased all your data. You do not need to contact us. We have no interest in exposing such information,” the group said.

This week’s hack marks the third time in recent years that foreign hackers gain access to federal agency files and stolen information. In 2020, Russian intelligence hackers breached nine government agencies. In 2021, Chinese hackers accessed files through a remote work program called Pulse Secure.