Several US Government Agencies Targeted In Global Cyberattack: Report

Several US government agencies were targeted in a global cyberattack that exploited a vulnerability in a widely used software, the US cyber watchdog agency said on Thursday, Reuters reported.

The cyberattack came to light after several government bodies experienced intrusions following the discovery of a weakness in the file transfer software MOVEit.

"The US Cybersecurity and Infrastructure Security Agency (CISA) is providing support to several federal agencies that have experienced intrusions affecting their MOVEit applications," Eric Goldstein, the agency's executive assistant director for cybersecurity, said in a statement to CNN.

"We are working urgently to understand impacts and ensure timely remediation," he further said.

MOVEit, made by Progress Software Corp, is usually used by organisations to transfer files between their partners or customers. Progress has urged its customers to update their software packages and has issued security advice.

The United States does not expect any "significant impact" from the breach, CISA director Jen Easterly said.

However, it is not yet known which agencies that were hit or exactly how they were affected. The FBI and National Security Agency have also not responded to the cyberattack.

The development comes on the back of a hacking campaign that began two weeks ago and has hit major US universities and state governments. 

Johns Hopkins University in Baltimore and the university's health system, which was targeted by hackers, said in a statement earlier this week that "sensitive personal and financial information", including health billing records, may have been stolen in the hack.

A Russian-speaking group known as CLOP last week claimed credit for some of the cyberattacks, which have also affected employees of the BBC, British Airways, oil giant Shell, and state governments in Minnesota and Illinois, among others, CNN reported.

The group had given victims a deadline till June 14 to contact them on paying a ransom. They have now begun listing more alleged victims from the hack on their extortion site on the dark web.