BREAKING: Multiple US Gov. Agencies Targeted by Cyberattack

According to multiple sources, several U.S. federal government agencies have been hit in a global cyberattack that exploits a vulnerability in widely used software. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is providing support to several federal agencies that have experienced intrusions affecting vulnerable software exploited by the threat operators. The US Cybersecurity and Infrastructure Security Agency released a statement on Thursday following the attack, saying it is “providing support to several federal agencies that have experienced intrusions”

The affected software’s name and alleged vulnerability were not disclosed, and CISA, the FBI, and the U.S.

Various organizations worldwide have experienced breaches as a result of vulnerabilities in popular software products. Most recently, the compromise of data from organizations like the BBC, Boots, and British Airways occurred due to a weakness in the transfer software MOVEit. It remains unclear if these incidents are connected to the recently announced U.S. government breach.

There were also multiple threats made by a collection of different threat actors over social media including REvil, Killnet and Anonymous Sudan that indicated they were going to be attacking the European Banking System within 48 hours. It is unknown if these attacks are related to the threats made at this time.

Topor Live, a large Telegram-based news outlet based out of Russia, with over 3.9M followers, reported that REvil, Anonymous Sudan, and Killnet are going to take down the European banking system in 48 hours.

Following this attack, Linus Torvalds will switch to Windows. pic.twitter.com/i1CK2OtEpN

— vx-underground (@vxunderground) June 14, 2023

Here is footage released by "REvil" and Killnet about taking down the European banking system.

Since when did REvil ransomware group go on camera and publicly disclose their plans prior to attack? And why is "REvil" wearing a Slipknot mask? pic.twitter.com/2LaQLHQZKe

— vx-underground (@vxunderground) June 14, 2023

Updates will be posed to this thread once they become available.

Update (10:32 AM): CISA confirms intrusion was due to MOVEit vulnerability:

“The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said several federal agencies had experienced intrusions following the discovery of a weakness in the file transfer software MOVEit, Eric Goldstein, the agency’s executive assistant director for cybersecurity, said in a statement.”

– Reuters.com

Update (12:29 AM): John Hopkins Reports Being Affected By MOVEit Vulnerability:

Officials from the Hopkins community have confirmed that their cybersecurity department is diligently working to probe into a recent cyberattack. Preliminary assessments indicate that the information of some employees, students, and possibly patients at Johns Hopkins may have been affected.

In a statement, they said, “The privacy and security of our community members are of utmost importance at Johns Hopkins. Our cybersecurity team, along with data security professionals and law enforcement, is striving to identify the scope of information involved.” They also pledged to release updates promptly and to reach out directly to anyone affected by this incident.

The statement further said, “We have acted swiftly to secure our systems and are collaborating with a prominent cybersecurity firm to delve into the details of this attack.”

Hopkins became aware of the assault on May 31. The attack aimed at a broad vulnerability in the MOVEit software, which is utilized by a significant number of other organizations as well.