Skip to main content
Tags: ransomware

US Energy Dept Got Two Ransom Requests in Global Data Breach

Friday, 16 June 2023 04:14 PM EDT

The U.S. Department of Energy got ransom requests from the Russia-linked extortion group Cl0p at both its nuclear waste facility and the scientific education facilities that were recently hit in a global hacking campaign, a spokesperson said on Friday.

The DOE contractor Oak Ridge Associated Universities and the Waste Isolation Pilot Plant, the New Mexico-based facility for disposal of defense-related radioactive nuclear waste, were hit in the attack, which was first reported on Thursday. Data was "compromised" at two entities within the DOE when hackers gained access through a security flaw in MOVEit Transfer.

The requests came in emails to each facility, said the spokesperson, who did not say how much money was requested. "They came in individually, not as kind of a blind carbon copy," the spokesperson said. "The two entities that received them did not engage," with Cl0p and there was no indication that the ransom requests were withdrawn, the spokesperson said.

The DOE, which manages U.S. nuclear weapons and nuclear waste sites related to the military, notified Congress of the breach and is participating in investigations with law enforcement and the U.S. Cybsecurity and Infrastructure Security Agency. CISA has said it has not seen any significant impacts to the federal civilian executive branch but was working with partners on the issue.

Cl0p has said it would not exploit any data taken from government agencies, and that it had erased all such data.

Cl0p did not respond to requests for comment, but in an all-caps post to their website Friday the group said “WE DON'T HAVE ANY GOVERNMENT DATA” and suggested that should the hackers inadvertently have picked up such data in their mass theft “WE STILL DO THE POLITE THING AND DELETE ALL.”

Recorded Future analyst Allan Liska said cl0p was likely making a big deal out of how they purportedly deleted government data in an attempt to protect themselves from retaliation from Washington and other governments.

"They're thinking, 'If we post this, the government won't come after us.' I think the thought is, 'As long as we don't keep data from hospitals and government agencies we can operate under the radar.'

No one in the security community took the group’s data destruction claim seriously, Liska said. "Everybody in the security community was like, ‘Yeah right. You probably gave it to your Russian handlers.’" 

© 2024 Thomson/Reuters. All rights reserved.


Newsfront
The U.S. Department of Energy got ransom requests from the Russia-linked extortion group Cl0p at both its nuclear waste facility and the scientific education facilities that were recently hit in a global hacking campaign, a spokesperson said on Friday.The DOE contractor Oak...
ransomware
387
2023-14-16
Friday, 16 June 2023 04:14 PM
Newsmax Media, Inc.

Sign up for Newsmax’s Daily Newsletter

Receive breaking news and original analysis - sent right to your inbox.

(Optional for Local News)
Privacy: We never share your email address.
Join the Newsmax Community
Read and Post Comments
Please review Community Guidelines before posting a comment.
 
TOP

Interest-Based Advertising | Do not sell or share my personal information

Newsmax, Moneynews, Newsmax Health, and Independent. American. are registered trademarks of Newsmax Media, Inc. Newsmax TV, and Newsmax World are trademarks of Newsmax Media, Inc.

NEWSMAX.COM
America's News Page
© Newsmax Media, Inc.
All Rights Reserved
Download the NewsmaxTV App
Get the NewsmaxTV App for iOS Get the NewsmaxTV App for Android Scan QR code to get the NewsmaxTV App
NEWSMAX.COM
America's News Page
© Newsmax Media, Inc.
All Rights Reserved