Software used by federal agencies was recently struck by cybercriminals.
It was recently announced that there was yet another cybersecurity breach that impacted the federal government negatively. The director of CISA (Cybersecurity and Infrastructure Security Agency) revealed information about the event and noted it wasn’t as bad as the SolarWinds hack that hit a couple of years back. What specific organizations were impacted by the recent infiltration was not publicly shared, but it was confirmed that “several” US agencies were hit.
Are you a federal employee? Read to retire? Don’t miss our no-cost webinar series, featuring Ed Zurndorfer!
The hackers, who are becoming “increasingly sophisticated and persistent,” targeted a file transfer program known as “MOVEit Transfer.” This is not to be confused with the “TRANServe” system, which reimburses some commuting costs for federal employees and was involved in a cyber incident about a month ago. The recent attack was confirmed by a cyber intelligence division of Google Cloud known as Mandiant, the company responsible for administering the exploited application. The representative also said that data belonging to the US Government had been stolen. What parties were responsible for the hack was not announced.
Interestingly, the CISA and the FBI issued a prior warning to agencies about the security vulnerabilities of the “MOVEit Transfer” software, noting it was susceptible to ransomware – which steals and locks up digital information like its hostage until a requested payment is completed, usually via some digital currency like bitcoin. The CISA described the program’s weakness as "a gap in software security."
----
Until Next Time,
You Might Also Enjoy This Podcast
**Written by Benjamin Derge, Financial Planner, ChFEBC℠ The information has been obtained from sources considered reliable but we do not guarantee that the foregoing material is accurate or complete. Any opinions are those of Benjamin Derge and not necessarily those of RJFS or Raymond James. Links are being provided for information purposes only. Expressions of opinion are as of this date and are subject to change without notice. Raymond James is not affiliated with and does not endorse, authorize, or sponsor any of the listed websites or their respective sponsors.
