The US Department of Energy (DOE) received ransom requests from the Russia-linked extortion group Cl0p at its nuclear waste facility and scientific education facility that were recently hit in a global hacking campaign, a spokesperson said on Friday.
The DOE contractor Oak Ridge Associated Universities and the Waste Isolation Pilot Plant, the New Mexico-based facility for disposal of defense-related radioactive nuclear waste, were hit in the attack, which was first reported on Thursday.
Data were “compromised” at the two DOE entities after hackers breached their systems through a security flaw in the file transfer tool MOVEit Transfer. The software is widely used by organizations around the world to share sensitive data.
From US government departments to the UK’s telecom regulator and energy giant Shell, a range of victims have emerged since Burlington, Massachusetts-based Progress Software found the security flaw in its MOVEit Transfer product last month.
The wide-ranging impact of it shows how even security-minded federal agencies are struggling to defend against ransomware attacks. Ransomware gangs typically scour for such widely used tools.
The US Cybersecurity and Infrastructure Security Agency (CISA) on Thursday said that several federal agencies had been hit by the MOVEit breach.
It did not say which ones, but added that there had not been much impact to the federal civilian executive branch.
Analysts say that more victims are likely to emerge in the coming weeks.
The DOE ransom requests came in e-mails to each facility, the spokesperson said, without revealing how much money was demanded.
“They came in individually, not as kind of a blind carbon copy,” the spokesperson said. “The two entities that received them did not engage” with Cl0p and there was no indication the ransom requests were withdrawn, he said.
The DOE, which manages US nuclear weapons and nuclear waste sites related to the military, notified the US Congress of the breach and is participating in investigations with law enforcement and the CISA.
X-37B COMPARISON: China’s spaceplane is most likely testing technology, much like US’ vehicle, said Victoria Samson, an official at the Secure World Foundation China’s shadowy, uncrewed reusable spacecraft, which launches atop a rocket booster and lands at a secretive military airfield, is most likely testing technology, but could also be used for manipulating or retrieving satellites, experts said. The spacecraft, on its third mission, was last month observed releasing an object, moving several kilometers away and then maneuvering back to within a few hundred meters of it. “It’s obvious that it has a military application, including, for example, closely inspecting objects of the enemy or disabling them, but it also has non-military applications,” said Marco Langbroek, a lecturer in optical space situational awareness at Delft
Malaysia yesterday installed a motorcycle-riding billionaire sultan as its new king in lavish ceremonies for a post seen as a ballast in times of political crises. The coronation ceremony for Malaysia’s King Sultan Ibrahim, 65, at the National Palace in Kuala Lumpur followed his oath-taking in January as the country’s 17th monarch. Malaysia is a constitutional monarchy, with a unique arrangement that sees the throne change hands every five years between the rulers of nine Malaysian states headed by centuries-old Islamic royalty. While chiefly ceremonial, the position of king has in the past few years played an increasingly important role. Royal intervention was
The Philippine Air Force must ramp up pilot training if it is to buy 20 or more multirole fighter jets as it modernizes and expands joint operations with its navy, a commander said yesterday. A day earlier US National Security Adviser Jake Sullivan said that the US “will do what is necessary” to see that the Philippines is able to resupply a ship on the Second Thomas Shoal (Renai Shoal, 仁愛暗沙) that Manila uses to reinforce its claims to the atoll. Sullivan said the US would prefer that the Philippines conducts the resupplies of the small crew on the warship Sierra Madre,
AIRLINES RECOVERING: Two-thirds of the flights canceled on Saturday due to the faulty CrowdStrike update that hit 8.5 million devices worldwide occurred in the US As the world continues to recover from massive business and travel disruptions caused by a faulty software update from cybersecurity firm CrowdStrike, malicious actors are trying to exploit the situation for their own gain. Government cybersecurity agencies across the globe and CrowdStrike CEO George Kurtz are warning businesses and individuals around the world about new phishing schemes that involve malicious actors posing as CrowdStrike employees or other tech specialists offering to assist those recovering from the outage. “We know that adversaries and bad actors will try to exploit events like this,” Kurtz said in a statement. “I encourage everyone to remain vigilant