The US Department of Energy (DOE) received ransom requests from the Russia-linked extortion group Cl0p at its nuclear waste facility and scientific education facility that were recently hit in a global hacking campaign, a spokesperson said on Friday.
The DOE contractor Oak Ridge Associated Universities and the Waste Isolation Pilot Plant, the New Mexico-based facility for disposal of defense-related radioactive nuclear waste, were hit in the attack, which was first reported on Thursday.
Data were “compromised” at the two DOE entities after hackers breached their systems through a security flaw in the file transfer tool MOVEit Transfer. The software is widely used by organizations around the world to share sensitive data.
From US government departments to the UK’s telecom regulator and energy giant Shell, a range of victims have emerged since Burlington, Massachusetts-based Progress Software found the security flaw in its MOVEit Transfer product last month.
The wide-ranging impact of it shows how even security-minded federal agencies are struggling to defend against ransomware attacks. Ransomware gangs typically scour for such widely used tools.
The US Cybersecurity and Infrastructure Security Agency (CISA) on Thursday said that several federal agencies had been hit by the MOVEit breach.
It did not say which ones, but added that there had not been much impact to the federal civilian executive branch.
Analysts say that more victims are likely to emerge in the coming weeks.
The DOE ransom requests came in e-mails to each facility, the spokesperson said, without revealing how much money was demanded.
“They came in individually, not as kind of a blind carbon copy,” the spokesperson said. “The two entities that received them did not engage” with Cl0p and there was no indication the ransom requests were withdrawn, he said.
The DOE, which manages US nuclear weapons and nuclear waste sites related to the military, notified the US Congress of the breach and is participating in investigations with law enforcement and the CISA.
Airlines in Australia, Hong Kong, India, Malaysia and Singapore yesterday canceled flights to and from the Indonesian island of Bali, after a nearby volcano catapulted an ash tower into the sky. Australia’s Jetstar, Qantas and Virgin Australia all grounded flights after Mount Lewotobi Laki-Laki on Flores island spewed a 9km tower a day earlier. Malaysia Airlines, AirAsia, India’s IndiGo and Singapore’s Scoot also listed flights as canceled. “Volcanic ash poses a significant threat to safe operations of the aircraft in the vicinity of volcanic clouds,” AirAsia said as it announced several cancelations. Multiple eruptions from the 1,703m twin-peaked volcano in
Chinese President Xi Jinping (習近平) launched a week-long diplomatic blitz of South America on Thursday by inaugurating a massive deep-water port in Peru, a US$1.3 billion investment by Beijing as it seeks to expand trade and influence on the continent. With China’s demand for agricultural goods and metals from Latin America growing, Xi will participate in the APEC summit in Lima then head to the Group of 20 summit in Rio de Janeiro next week, where he will also make a state visit to Brazil. Xi and Peruvian President Dina Boluarte participated on Thursday by video link in the opening
‘HARD-HEADED’: Some people did not evacuate to protect their property or because they were skeptical of the warnings, a disaster agency official said Typhoon Man-yi yesterday slammed into the Philippines’ most populous island, with the national weather service warning of flooding, landslides and huge waves as the storm sweeps across the archipelago nation. Man-yi was still packing maximum sustained winds of 185kph after making its first landfall late on Saturday on lightly populated Catanduanes island. More than 1.2 million people fled their homes ahead of Man-yi as the weather forecaster warned of a “life-threatening” effect from the powerful storm, which follows an unusual streak of violent weather. Man-yi uprooted trees, brought down power lines and smashed flimsy houses to pieces after hitting Catanduanes in the typhoon-prone
HOPEFUL FOR PEACE: Zelenskiy said that the war would ‘end sooner’ with Trump and that Ukraine must do all it can to ensure the fighting ends next year Russia’s state-owned gas company Gazprom early yesterday suspended gas deliveries via Ukraine, Vienna-based utility OMV said, in a development that signals a fast-approaching end of Moscow’s last gas flows to Europe. Russia’s oldest gas-export route to Europe, a pipeline dating back to Soviet days via Ukraine, is set to shut at the end of this year. Ukraine has said it would not extend the transit agreement with Russian state-owned Gazprom to deprive Russia of profits that Kyiv says help to finance the war against it. Moscow’s suspension of gas for Austria, the main receiver of gas via Ukraine, means Russia now only
RSS