By Micaela Burrow
Daily Caller News Foundation
The Department of Energy (DOE) confirmed late Thursday it experienced a data breach by a notorious Russian cybercriminal group, one of several state and federal agencies hit with cyberattacks connected to the same global hacking operation, according to media reports.
The number of known victims has reached at least 47 by Thursday, including private companies, American universities and NATO governments “plus a number of as yet unidentified U.S. government agencies, Brett Callow, a cyber threat analyst with Emsisoft, told CBS News. CISA directer Jen Easterly confirmed a ransomware group calling itself Cl0p orchestrated the massive attack but that the breaches would not pose a “systemic risk” to national security or U.S. networks.
“Although we are very concerned about this campaign, this is not a campaign like SolarWinds that poses a systemic risk,” Easterly told reporters on a press call Thursday.
CISA officials declined to say which federal agencies were impacted in the campaign besides specifying that only a small number were dealing with the attack, but DOE later confirmed that it had reported an incident to the U.S. Cybersecurity and Infrastructure Security Agency (CISA), according to The New York Times. DOE notified Congress of the breach and confirmed two entities within the department had been compromised.
“DOE took immediate steps to prevent further exposure to the vulnerability,” press secretary Chad Smith told the NYT.
At the time, there was no indication any military or government intelligence organizations had been hit, a senior official told CBS News.
Other known victims include Johns Hopkins University, the University of Georgia, the BBC, British Airways, Shell, and state government organizations in Minnesota, Illinois, Louisiana and Oregon, according to media reports and cybersecurity analysts.
The State Department and Transportation Security Administration told CNN they were not victims of the attack.
The Russian cybercrime group, which calls itself Cl0p, claimed their attack began last week and affected “hundreds” of organizations, according to Cybernews.
Cybersecurity researchers believe the gang became active in 2014 but began operating ransomware in 2019 operates with the unspoken backing of the Russian government, according to CBS and cyber threat analysts.
The hackers found a vulnerability in a widely-used software called MOVEit that helps companies transfer large files, Anne Neuberger, deputy national security advisor for cyber and emerging technology for the National Security Council, told CBS News.
“They’ve (the hackers) started releasing some of the data that was stolen as part of their work to extort these companies,” Neuberger said, although the senior CISA official told CBS that federal agencies have not received any demands for payment in exchange for the safe restoration of locked data.
If victims do not pay the ransom by the Wednesday deadline Cl0p set, they could have their data from the encrypted, or locked, files leaked publicly and be identified as victims, according to the NYT and CBS. However, as of Thursday, no federal agencies were listed on the gang’s victim site that can be accessed on the Dark Web.
WND is now on Trump’s Truth Social! Follow us @WNDNews
”If you are a government, city or police service do not worry, we erased all your data. You do not need to contact us,” Cl0p wrote. “We have no interest to expose such information.”
CISA “is providing support to several federal agencies that have experienced intrusions affecting their MOVEit applications,” Eric Goldstein, CISA’s assistant director for cybersecurity, told CNN in a statement.
This story originally was published by the Daily Caller News Foundation.
Content created by The Daily Caller News Foundation is available without charge to any eligible news publisher that can provide a large audience. For licensing opportunities of our original content, please contact [email protected].
IMPORTANT NOTE: “Election denier!” “Science denier!” “Climate-change denier!” “Conspiracy theorist!” And then there’s “hate speech,” “fake news,” “disinformation,” “misinformation,” even something called “MALinformation.” A bizarre new lexicon has been conjured up by America’s elites, the SOLE PURPOSE of which is to discredit and ridicule – and if at all possible, CENSOR ENTIRELY – speech that doesn’t support their increasingly dark and deranged agenda. Tucker Carlson is just the latest.
In the greatest imaginable irony, the nation once boasting the most robust culture of freedom of speech and the press – undergirded by the strongest constitutional protections for those rights – is now ground zero for a total war on free expression.
How could this possibly happen in the United States of America? It’s all explained as never before in the sensational new issue of WND’s critically acclaimed WHISTLEBLOWER magazine, titled “THE ELITES’ ALL-OUT WAR ON FREE SPEECH.” WHISTLEBLOWER is available in both the popular print edition and a state-of-the-art digital version, either single issues or discounted annual subscriptions.
SUPPORT TRUTHFUL JOURNALISM. MAKE A DONATION TO THE NONPROFIT WND NEWS CENTER. THANK YOU!