The Cybersecurity and Infrastructure Security Agency warned that the Russian CL0P Ransomware Gang has attacked several U.S. federal agencies that use the managed transfer file application MOVEit, CNN reported Thursday.
The global hacking spree, which also affected hundreds of non-government entities in the U.S., was announced a week after CISA and the FBI issued a cybersecurity advisory about the Russian cybercriminal group.
The Department of Energy’s Oak Ridge Associated Universities, Johns Hopkins University and the University System of Georgia were among the institutions that admitted to being victims of the cyberattacks.
CISA officials told CNN that the attacks have not harmed federal agencies’ operations, and that they are providing assistance to those organizations.
Jen Easterly, CISA director and Wash100 awardee, noted that the CL0P Ransomware Gang was “largely opportunistic” in using MOVEit’s vulnerability to penetrate networks, but assured that the breaches have not made “significant impacts” on the victims.
“We are working urgently to understand impacts and ensure timely remediation,” said Eric Goldstein, CISA’s executive assistant director for cybersecurity.
Progress Software, maker of MOVEit, stated that it has “communicated with customers on the steps they need to take to further secure their environments.” The company added that it suspended the MOVEit Cloud while it works to resolve the issue.