:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/cmg/CK5WUM6QQNDNZPF3XON2COVPNY.jpg)
U.S. government agencies have been hit as part of a global cyberattack that targeted a vulnerability in widely used software, according to multiple reports.
The scope of the attack was not immediately clear. In a statement obtained by CNN, a senior official with the Cybersecurity and Infrastructure Security Agency said “several federal agencies” have been impacted.
“We are working urgently to understand impacts and ensure timely remediation,” Eric Goldstein, CISA’s executive assistant director for cybersecurity, told the news network.
CISA director Jen Easterly told MSNBC that authorities don’t expect that the hack will have major impacts on the affected agencies.
“Right now, we’re focused specifically on those federal agencies that may be impacted and we’re working hand-in-hand with them to be able to mitigate that risk,” she said. She declined to identify the impacted agencies.
“We want to work with our partners to make sure we fully understand the situation. I am confident, though, that given all of the advances that we have made with our partners that we are able to drive down that risk in an effective way so we will not see significant impacts.”
The government is often targeted by cyberattacks, though the impacts of those attacks are limited, The Wall Street Journal reported.
The hack involves a vulnerability found in Progress Software’s MOVEit Transfer, which is typically used to transfer files between organizations and their partners or customers, Reuters reported. Progress Software first issued a notice about the vulnerability late last month. In the weeks since, several state governments, universities and companies — including British Airways and John Hopkins University — have reported breaches, according to CNN and the Journal.
Easterly said Thursday that officials believe a well-known ransomware group is behind the attacks. Earlier, Russian extortion group Cl0p claimed credit for some of the earlier breaches, the Journal reported.
:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/cmg/U3WSQRTGKJAQ3IRJL7QWTPHY7I.PNG)
:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/cmg/AJF77SRUDVDVNJIZ76CVWEHRRU.jpg)
:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/cmg/I5KGVWL2ZVA2TAVUZ7IOVDLI2U.jpg)
:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/cmg/U2WCGC5Y4BGSFIDZOUANUQWEA4.jpg)