State of Illinois victim of global ransomware attack
The state of Illinois was among the victims of a global ransomware attack late last month that is believed to have exploited a vulnerability in a popular file transfer program, the state’s information technology agency announced Friday.
The FBI and the federal Cybersecurity and Infrastructure Security Agency have attributed the attack, which hit Illinois state government May 31, to a ransomware gang called CL0P, which exploited the popular MOVEit Transfer file-sharing software.
Other victims of the attack include the BBC, British Airways and Nova Scotia’s government, according to The Associated Press.
The attack on Illinois’ computer systems was contained within three hours, according to the state Department of Innovation and Technology. But spokeswoman Jennifer Johnson said the agency still is working to determine the extent of the intrusion.
“MOVEit is a file transfer utility used by many state agencies to transfer a variety of files,” Johnson said.
The department’s “current efforts are focused on determining an accurate population of impacted individuals for appropriate notifications,” she said.
The department “believes a large number of individuals could be impacted.”
The Russian CL0P ransomware syndicate announced on its dark web site late Tuesday that its victims — who it suggests number in the hundreds — had until June 14 to get in touch to negotiate a ransom or risk having sensitive stolen data dumped online.
“This is potentially one of the most significant breaches of recent years,” Brett Callow, an analyst at the cybersecurity firm Emsisoft, told the AP. “We’ll have a better sense of how significant it is as more details emerge about the number and type of organizations impacted.”
Ransomware is malicious software that infects a computer system. Those behind ransomware then demand money to allow the system to work properly again or threaten to post sensitive information online if they don’t receive payment.
CL0P claims it does not extort governments, cities or police agencies, the AP reported, but cybersecurity experts say that’s likely a tactic employed in an effort to avoid direct conflict with law enforcement, and that the financially…
