The Department of Energy is among a group of federal agencies affected by Russian malware targeting government systems, Homeland Security officials revealed, according to the Associated Press.
Part of a wider, global campaign of ransomware targeting government institutions, the government claims the compromise is not severe, and it does not foresee long-term security risks.
“Based on discussions we have had with industry partners … these intrusions are not being leveraged to gain broader access, to gain persistence into targeted systems, or to steal specific high-value information— in sum, as we understand it, this attack is largely an opportunistic one,” Cybersecurity and Infrastructure Security Agency Director Jen Easterly said.
US GOVERNMENT AGENCIES HIT BY CYBERATTACK
Easterly went on to emphasize that the U.S. government does not believe the compromise will have serious consequences.
“Although we are very concerned about this campaign and working on it with urgency, this is not a campaign like SolarWinds that presents a systemic risk to our national security or our nation’s networks,” she added.
PRO-RUSSIAN HACKERS CLAIM CYBER ATTACK ON FBI WEBSITE: REPORT
U.S. Secretary of Energy Jennifer Granholm has not yet publicly addressed the cyberattack.
“According to the Russian Cyber Doctrine, the Russian President, Putin himself approves high-profile cyber operations, such as the one targeting U.S. Department of Energy,” said Rebekah Koffler — a former analyst at the U.S. Defense Intelligence Agency — in a comment to Fox News Digital.
The attack has been attributed to the Clop ransomware group operating out of Russia.
“The U.S. government has minimized the threat of Russian cyber attacks for decades. Even today, it doesn’t acknowledge the link between these cyber operations and U.S. support of Ukraine,” Koffler continued. “The U.S. government has done little to secure its networks against Russian attacks.”
Officials say the attack exploited a weakness with the “MOVEit” file transfer application, which opened up hundreds of businesses and agencies to infiltration.
US MARSHALS SERVICE ATTACKED BY RANSOMWARE TARGETING SENSITIVE LAW ENFORCEMENT INFORMATION
“It’s a software that federal agencies and companies across the world use. We put out an advisory about this last week, and we’re responding to it,” CISA Director Jen Easterly told MSNBC in a previous interview.
“You know, these vulnerabilities are pretty common in software, and our job is to work with businesses to ensure they have the resources and tools to mitigate that risk,” she added.
The incident comes months after President Biden’s administration rolled out a new National Cybersecurity Strategy that aims to protect the nation’s critical infrastructure from “borderless” cyber threats.
There was a flurry of cyberattacks in early 2023, including when Tallahassee Memorial HealthCare in northern Florida was forced to take its information technology systems offline after it was hit by an apparent ransomware attack.
Fox News Digital’s Anders Hagstrom contributed to this report.