Federal Agencies Compromised by Russian Malware

(RepublicanNews.org) – Homeland Security officials have said the impact of a hack of multiple federal and state agencies, including The Department of Energy, is not significant.

A file-sharing program favored by governments and businesses was the method of entry for a Russian gang intent on extortion. According to the Cybersecurity and Infrastructure Security Agency (CISA), unlike the SolarWinds hack of 2020, this was brief and discovered promptly.

The SolarWinds incident, which was attributed to Russian intelligence, took months of planning and deployment. This attack was “short” and “opportunistic,” said CISA Director Jen Easterly. No branch of the U.S. Military and no intelligence agencies were affected. Chad Smith, the spokesperson for the Energy Department, acknowledged intrusion in two department agencies but would not elaborate. Though they have yet to take credit for the hack, a Russian ransomware group known as Clop is suspected to be behind the series of hacks.

Louisiana officials recommended that residents with vehicle records and driver’s licenses in the state freeze their credit, saying that birthdates, Social Security numbers, names, and addresses had “likely” been exposed to the intrusion. 3.5 million Oregonian driving records were also breached. Entities outside the U.S. have been affected as well, with the government of Nova Scotia and businesses in the U.K. falling victim.

On the same day as the Energy Department intrusions, a video dubbed in Russian script began circulating online. In it, hackers threatened to bring down the European banking system within 48 hours. The audio from the one-minute video was translated into English and contained a handful of pro-Russian and anti-Ukrainian statements. Of the three speakers in the video, none appeared without their faces covered. Anonymous Sudan, Killnet, and REvil, all either individuals or hacking cooperatives, took credit for the video. Some European officials have pushed for Article 5 of the NATO treaty to equate a cyber attack on one member with a real-world kinetic attack.

Copyright 2023, RepublicanNews.org