The U.S. Department of Health and Human Services (HHS) was targeted with a distributed denial-of-service (DDoS) attack on Sunday, but the agency said it did not experience any significant disruption as a result of the incident.
“HHS has an IT infrastructure with risk-based security controls continuously monitored in order to detect and address cybersecurity threats and vulnerabilities. On Sunday, we became aware of a significant increase in activity on HHS cyber infrastructure and are fully operational as we actively investigate the matter,” Caitlin Oakley, an HHS spokesperson, told SecurityWeek.
“Early on while preparing and responding to COVID-19, HHS put extra protections in place,” Oakley added. “We are coordinating with federal law enforcement and remain vigilant and focused on ensuring the integrity of our IT infrastructure.”
Ellen Nakashima, a national security reporter at The Washington Post, learned that the HHS’s website never actually crashed as a result of the attack, which her sources described as a 2 on a scale from 1 to 10.
Bloomberg, which first reported on the incident, learned from sources that a tweet from the National Security Council (NSC) about fake text messages warning of a national quarantine was also related to the “hack.” Bloomberg also initially used the term “cyber intrusion,” but later removed it from the body of its article — it still appears in the subheadline at the time of writing. It’s worth noting that mainstream media often confuses DDoS attacks with breaches.
According to some reports, the attack may have been launched by a foreign threat actor and its goal was to undermine ..
Support the originator by clicking the read the rest link below.
