A global hacking incident that occurred earlier this summer and affected various US federal government agencies has been attributed to a Russian cybercriminal collective. This group, known as the CLOP ransomware gang, boasts responsibility for compromising the security of both corporate and government entities in Western countries, with a primary focus on the United States and the United Kingdom. Their entry point was exploiting a vulnerability in MOVEit, a widely used file transfer application employed by numerous corporations and governments globally.
The Cybersecurity and Infrastructure Security Agency (CISA), the leading civilian cybersecurity oversight organization in the US, has been collaborating with various government agencies to investigate the full scope of the cyberattacks. Additionally, CISA has been offering assistance to the affected agencies in fortifying their security measures following the hacking incident.
Based on an IBM report, government agencies face an average cost of $2.07 million per data breach incident. Moreover, in 2018 alone, security breaches in government systems incurred a substantial expense of approximately $13.7 billion for US taxpayers.
Jen Easterly, the director of CISA, has recently expressed the agency’s collaboration with the FBI to assess the prevalence of these hacks. They are also committed to offering cybersecurity support to government agencies that remain susceptible to being targeted by hackers from both foreign and domestic origins.
The House Energy and Commerce Committee members issued a statement stressing the importance of bolstering cybersecurity measures in federal agencies to protect America’s critical infrastructure and effectively respond to sophisticated cyberattacks. They emphasized the need for swift action and enhanced security protocols when dealing with such attacks.
Cyrus Walker, the founder of Data Defenders, a cybersecurity firm, asserted that federal agencies must collaborate more closely to promptly detect real-time threats. Additionally, he highlighted the significance of keeping their countermeasures up-to-date to ensure robust protection against potential threats. Walker also underscored the importance of government collaboration with private sector companies to share threat intelligence. Moreover, he emphasized the need for strong leadership to safeguard federal agencies’ software supply chain.