The impact of a wide-ranging cyber attack affecting a “small number” of government agencies is still being assessed, officials at the Cybersecurity and Infrastructure Security Agency said Thursday.
CISA, which monitors cyber threats and recommends policies and tools to combat them, would not say which agencies were attacked, though officials said they’re not aware of any impacts to the military or the intelligence community. The Pentagon did not immediately respond to requests for comment.
There are so far no indications that stolen government data has been leaked, and the government has received no ransom demands, the officials said.
“It is not the case today that the actor has disclosed any information stolen from federal agencies on what are called their leak sites where they often disclose information to demand a payment as part of their extortion scheme,” a CISA official told reporters on June 15. “Impacted federal agencies are conducting appropriate analyses to understand impacts to their agencies and effective data.”
As first reported by CNN, the impacted technology involved MOVEit, a commonly used file transfer software that encrypts and transfers data.
The creator of the technology, Progress Software Corporation, formerly Ipswitch, Inc., partners with 1,700 software companies and 3.5 million developers, according to its website.
CNN also reported that a group of Russian speaking hackers have been hacking this kind of software to target broad groups of users and extort them for money. This group, called CLOP, previously took credit for some of these hacks that affected state governments, the BBC and British Airways, among others, according to CNN.
It wasn’t clear whether the particular attack affecting agencies was perpetrated by the same people.
“We are also moving urgently to ensure that similar types of products and applications are appropriately hardened,” officials said.
CISA said it has responded by adding this recent intrusion to its exploited vulnerability catalog and mandated federal agencies to begin mitigation. It also published an advisory with the FBI.
“Although we are very concerned about this campaign and working on it with urgency, this is not a campaign like SolarWinds that presented systemic risk to our national security or our nation’s network,” said Jen Easterly, CISA’s director.
Molly Weisner is a staff reporter for Federal Times where she covers labor, policy and contracting pertaining to the government workforce. She made previous stops at USA Today and McClatchy as a digital producer, and worked at The New York Times as a copy editor. Molly majored in journalism at the University of North Carolina at Chapel Hill.