Federal Agencies Hacked, Clop Ransomware Gang Possible Culprit

Patches have been available for the MOVEit Transfer software vulnerability.

Edward Gately, Senior News Editor

June 15, 2023

6 Slides
Federal agencies systems hacked
Andrey_Popov/Shutterstock

Several U.S. government agencies have been hacked via a MOVEit Transfer software vulnerability. The hacks are part of a larger cyberattack.

According to CNN, the U.S. Cybersecurity and infrastructure Security Agency (CISA) is providing support to several federal agencies that have experienced intrusions affecting their MOVEit applications.

Eric Goldstein, the agency’s executive assistant director for cybersecurity, told CNN that “we are working urgently to understand impacts and ensure timely remediation.”

Active Exploitation Attempts Discovered

Earlier this month, Huntress discovered active exploitation attempts against MOVEit Transfer. MOVEit Transfer is a managed file transfer (MFT) solution developed by Ipswitch, a subsidiary of Progress Software, that allows enterprises to securely transfer files between business partners and customers.

Last week, CISA and the FBI published a joint advisory about the Clop ransomware gang exploiting the MOVEit vulnerability to steal files stored on the server. It hasn’t been confirmed whether Clop is behind the attacks on federal agencies.

According to ReliaQuest, Clop has named 14 new organizations as its victims, bringing the total number to 27. Of the newly named organizations, 11 are from the United States and three are from Europe. The organizations listed are predominantly operating in financial services, followed by health care, pharmaceuticals and technology. The list of company names has been published on Clop’s dark-web data-leak site, although the group has removed one name. As of this update, ReliaQuest is not aware of any leaked data.

See our slideshow above for the full story on the attacks on federal agencies.

Want to contact the author directly about this story? Have ideas for a follow-up article? Email Edward Gately or connect with him on LinkedIn.

About the Author

Edward Gately

Senior News Editor, Channel Futures

As senior news editor, Edward Gately covers cybersecurity, new channel programs and program changes, M&A and other IT channel trends. Prior to Informa, he spent 26 years as a newspaper journalist in Texas, Louisiana and Arizona.

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like