CISA: Russian Hackers Exploited Several Federal Agencies
Russian cyber hackers exploited several federal agencies through a file transfer vulnerability, Cybersecurity and Infrastructure Security Agency Director Jen Easterly told reporters Thursday. This isn’t a campaign “like SolarWinds that presents a systemic risk to our national security or our…
Sign up for a free preview to unlock the rest of this article
Timely, relevant coverage of court proceedings and agency rulings involving tariffs, classification, valuation, origin and antidumping and countervailing duties. Each day, Trade Law Daily subscribers receive a daily headline email, in-depth PDF edition and access to all relevant documents via our trade law source document library and website.
nation’s networks,” she said, but CISA is working with the FBI and others to “understand prevalence within federal agencies.” The Department of Energy was reportedly one of the agencies affected. The FTC wasn't hit, an agency official said Friday. The FCC didn’t comment. At this point, CISA believes threat actors are “only stealing information that is being stored on the file transfer application at the precise time that the intrusion occurs,” she said. Based on conversations with the Joint Cyber Defense Collaborative, “these intrusions are not being leveraged to gain broader access, to gain persistence into targeted systems, or to steal specific high value information -- in sum, as we understand it, this attack is largely an opportunistic one,” she said. CISA isn’t aware of the attackers threatening to “extort or release any data stolen from U.S. government agencies.” CISA issued a joint cybersecurity advisory with the FBI June 7, recommending protective measures against Russia’s CL0P Ransomware Gang. The cyber group has been trying to exploit a “vulnerability in Progress Software's managed file transfer solution, known as MOVEit, to steal data from underlying MOVEit Transfer databases,” she said. CISA is working with the FBI, Progress Software and federal partners to understand the extent of the intrusions. “At this time, we are not tracking any significant impacts to the federal civilian executive branch (.gov) enterprise but are continuing to work with our partners on this issue,” said Easterly. House Commerce Committee Chair Cathy McMorris Rodgers, R-Wash., and ranking member Frank Pallone, D-N.J., are seeking briefings from DOE and federal officials to understand the “severity of the attack,” they said Friday: “The wide scale nature of this attack underscores the importance of bolstering the ability of industry specific federal agencies to secure America’s critical infrastructure and respond to complex attacks.”