The Department of Energy is among a group of federal agencies affected by Russian malware targeting government systems, Homeland Security officials revealed, according to the Associated Press.
Part of a wider, global campaign of ransomware targeting government institutions, the government claims the compromise is not severe, and it does not foresee long-term security risks.
“Based on discussions we have had with industry partners … these intrusions are not being leveraged to gain broader access, to gain persistence into targeted systems, or to steal specific high-value information— in sum, as we understand it, this attack is largely an opportunistic one,” Cybersecurity and Infrastructure Security Agency Director Jen Easterly said.
US GOVERNMENT AGENCIES HIT BY CYBERATTACK
Jen Easterly, director of Cybersecurity and Infrastructure Security Agency (CISA), during the 2023 CERAWeek by S&P Global conference in Houston, Texas, US. (Photographer: F. Carter Smith/Bloomberg via Getty Images)
Easterly went on to emphasize that the U.S. government does not believe the compromise will have serious consequences.
“Although we are very concerned about this campaign and working on it with urgency, this is not a campaign like SolarWinds that presents a systemic risk to our national security or our nation’s networks,” she added.
PRO-RUSSIAN HACKERS CLAIM CYBER ATTACK ON FBI WEBSITE: REPORT
U.S. Secretary of Energy Jennifer Granholm has not yet publicly addressed the cyberattack.
“According to the Russian Cyber Doctrine, the Russian President, Putin himself approves high-profile cyber operations, such as the one targeting U.S. Department of Energy,” said Rebekah Koffler — a former analyst at the U.S. Defense Intelligence Agency — in a comment to Fox News Digital.
The attack has been attributed to the Clop ransomware group operating out of Russia.
Department of Energy (DOE) headquarters in Washington, D.C.
“The U.S. government has minimized the threat of Russian cyber attacks for decades. Even today, it doesn’t acknowledge the link between these cyber operations and U.S. support of Ukraine,” Koffler continued. “The U.S. government has done little to secure its networks against Russian attacks.”
Officials say the attack exploited a weakness with the “MOVEit” file transfer application, which opened up hundreds of businesses and agencies to infiltration.
US MARSHALS SERVICE ATTACKED BY RANSOMWARE TARGETING SENSITIVE LAW ENFORCEMENT INFORMATION
“It’s a software that federal agencies and companies across the world use. We put out an advisory about this last week, and we’re responding to it,” CISA Director Jen Easterly told MSNBC in a previous interview.
“You know, these vulnerabilities are pretty common in software, and our job is to work with businesses to ensure they have the resources and tools to mitigate that risk,” she added.
U.S. Secretary of Energy Jennifer Granholm (C) speaks during a visit to the San Onofre Nuclear Generating Station (SONGS) near San Clemente in San Diego County, California.
