(Al Jazeera Media Network) Several U.S. government agencies have been hit in a global hacking campaign that exploited a vulnerability in a widely used software, the United States cyber-watchdog agency said Thursday.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said several federal agencies had experienced intrusions following the discovery of a weakness in the file transfer software MOVEit, Eric Goldstein, the agency’s executive assistant director for cybersecurity, said in a statement.
“We are working urgently to understand impacts and ensure timely remediation,” he said.
The United States does not expect any “significant impact” from a cyberattack that hit its government agencies, Jen Easterly, the director of the U.S. Cybersecurity and Infrastructure Security Agency, told MSNBC.
“Right now, we’re focused quickly on those federal agencies that may be impacted, and we’re working hand in hand with them to be able to mitigate that risk,” she said.
MOVEit, made by Progress Software Corp, is typically used by organizations to transfer files between their partners or customers.
It could be used by a financial institution that requires their customers to upload their data to apply for a loan, John Hammond, a senior researcher at the security firm Huntress, said earlier this month.
“There’s a whole lot of potential for what an adversary might be able to get into,” he said.
https://www.aljazeera.com/economy/2023/6/15/us-government-agencies-hit-in-global-hacking-spree
