Jun 15 2023

Ransomware Cyberattack Hits Federal Agencies

‘Criminal’ group responsible for the intrusion, CISA says.

An undetermined number of civilian federal agencies were hit Thursday with an attack from what government officials described as a “criminal” ransomware group.

The attack targeted “a software that federal agencies and companies across the world use,” Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency, told MSNBC.

Click the banner below to get Insider access to exclusive security articles.

CISA officials said in a briefing that the attackers took data that was available only at the time of intrusion, and that there were no signs that the breach enabled them to gain a foothold into federal networks. “This was largely an opportunistic attack,” Easterly said in the briefing. There have been no ransom demands and no leaks of federal data.

CISA issued an advisory about the threat to the software last week; the managed file transfer software allows agencies to transfer data securely between systems and people. There have been reports of several hundred attacks on this software in the private sector, CISA noted.

The hackers used CL0P ransomware to enter the networks, Easterly said. “They’re taking data and looking to extort it. We’re tracking it as a criminal group.”

While Easterly and CISA declined to name the agencies involved, Federal News Network identified one as the Department of Energy, where two organizations within the agency were apparently attacked.

A senior CISA official said that no military or intelligence agencies were affected.

Federal agencies are under a White House mandate to create a zero-trust cybersecurity environment by September 2024, and Easterly said that those ongoing efforts gave agencies the visibility needed to notice and defend against the attack.

UP NEXT: How agencies can foster a security-first culture.

vm/Getty Images

Become an Insider

Unlock white papers, personalized recommendations and other premium content for an in-depth look at evolving IT