Russian-speaking Ransomware Gang 'Clop'
US CISA "No Significant Impact Expected"

The Joe Biden administration in the United States has launched an investigation into a large-scale cyberattack on U.S. federal agencies, suspected to be carried out by Russia. Attention is focused on whether this will escalate into a diplomatic conflict with the Russian government, similar to the 2020 SolarWinds incident.


On the 15th (local time), U.S. political media outlet Politico and others reported that some U.S. federal agencies were targeted by a cyberattack exploiting a security vulnerability in 'MOVEit,' a program used to transmit data.


The Cybersecurity and Infrastructure Security Agency (CISA), under the U.S. Department of Homeland Security, confirmed the cyberattack in a statement on the same day, saying, "We are urgently working to identify the scope of impact and take timely action."


While CISA stated that it is responding swiftly to the hacking attack, it did not disclose specific details about the perpetrators or the affected agencies. It also did not mention whether there was any ransom demand resulting from the hacking.


According to the U.S. General Services Administration, approximately 12 U.S. federal agencies currently have contracts with MOVEit.


Russian President Vladimir Putin. [Image source=Yonhap News]

President Biden also gave a brief response of "No" when asked during a White House event whether he could comment on the cyberattack.


Concerns have arisen about the possibility that critical information handled by the U.S. government may have been leaked externally due to this attack targeting federal agencies. In response, Jen Easterly, director of CISA, stated, "We do not expect significant impact from this intrusion."


Earlier, CISA and the Federal Bureau of Investigation (FBI) detected signs of hacking and issued advisories last week, warning that the Russian-speaking hacking group 'Clop' was exploiting MOVEit software to conduct cyberattacks.


Major foreign media outlets such as Bloomberg News reported that Clop, believed to be linked to Russia, has recently been carrying out successive cyberattacks using MOVEit. According to reports, Clop claimed responsibility for hacking attacks on the U.S. states of Minnesota and Illinois, the British Broadcasting Corporation (BBC), and British Airways.


Allan Liska, a ransomware expert at Recorded Future who monitors Clop's activities, said, "So far, there is no confirmation of any U.S. government agency data being leaked by Clop," adding, "There is a very high likelihood that this attack is connected to the Russian government."


Meanwhile, attention is focused on whether this incident will escalate into a diplomatic conflict between the U.S. and Russia. This is the first cyberattack targeting U.S. federal agencies since the 2020 SolarWinds incident. At that time, hackers believed to be backed by Russia compromised the U.S. network monitoring software company SolarWinds and infiltrated networks that used SolarWinds software, accessing databases of nine public institutions including the U.S. Departments of State, Treasury, Commerce, and Homeland Security.



Due to this large-scale hacking incident and allegations of interference in the U.S. presidential election, the Biden administration imposed sanctions by expelling 10 Russian diplomats from the U.S., and Russia retaliated by expelling U.S. diplomats stationed in Russia.


This content was produced with the assistance of AI translation services.

© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
