Cybersecurity company identifies months-long attack on US federal commission

Share on facebook
Share on twitter
Share on linkedin
Share on reddit

The United States Commission on International Religious Freedom (USCIRF) has been hit with a cyberattack, according to cybersecurity firm Avast

Avast did not identify the federal agency affected but The Record was able to determine it was the USCIRF.

The Cybersecurity and Infrastructure Security Agency (CISA) declined to comment on the attack and said all requests for more information should go to USCIRF. USCIRF did not respond to requests for comment. 

Created in 1998, USCIRF describes itself as a US federal government commission that monitors the right to freedom of religion or belief abroad.  

“USCIRF uses international standards to monitor religious freedom violations globally, and makes policy recommendations to the President, the Secretary of State, and Congress,” the organization said on its website

In Avast’s report, the company said attackers were able to compromise systems on USCIRF’s network in a way that “enabled them to run code as the operating system and capture any network traffic traveling to and from the infected system.” 

The report notes that there is evidence that the attack was done in multiple stages and may have involved “some form of data gathering and exfiltration of network traffic.”

“Further because this could have given total visibility of the network and complete control of an infected system it is further reasonable speculation that this could be the first step in a multi-stage attack to penetrate this, or other networks more deeply in a classic APT-type operation,” Avast said.  

“That said, we have no way to know for sure the size and scope of this attack beyond what we’ve seen. The lack of responsiveness is unprecedented and cause for concern. Other government and non-government agencies focused on international rights should use the IoCs we are providing to check their networks to see if they may be impacted by this attack as well.”

Avast said the attack has been going on for months yet USCIRF and CISA refused to engage with them when notified. They allegedly tried multiple channels over the course of months to help resolve the issue but

Read more

Explore the site

More from the blog

Latest News