A spokesperson has confirmed that hackers from the Russia-linked extortion group Cl0p are demanding a ransom from the U.S. Energy Department.
Must Watch: Would you live on 3D Printed Mars for a year for $60,000?
The U.S. Department of Energy got ransom requests from the Russia-linked extortion group Cl0p at both its nuclear waste facility and scientific education facility that were recently hit in a global hacking campaign, a spokesperson said on Friday.
The DOE contractor Oak Ridge Associated Universities and the Waste Isolation Pilot Plant, the New Mexico-based facility for disposal of defense-related radioactive nuclear waste, were hit in the attack, which was first reported on Thursday.
Data was “compromised” at the two DOE entities after hackers breached their systems through a security flaw in the file transfer tool MOVEit Transfer. The software is widely-used by organisations around the world to share sensitive data.
From U.S. government departments to the UK’s telecom regulator and energy giant Shell, a range of victims have emerged since Burlington, Massachusetts-based Progress Software found the security flaw in its MOVEit Transfer product last month.
Subscribe to GreatGameIndia
The wide-ranging impact of it shows how even the most security-minded federal agencies are struggling to defend against ransomware attacks. Ransomware gangs typically scour for such widely-used tools.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said Thursday that several federal agencies had been hit by the MOVEit breach. It did not say which ones, but added that there had not been much impact to the federal civilian executive branch.
Eric Goldstein, the Executive Assistant Director for Cybersecurity at the US Cybersecurity and Infrastructure Security Agency, stated that US government agencies were hit in a global cyberattack.