MOVEit Cyber Attack: What You Need to Know

Suresh Shanmugam
2 min read · Jun 15, 2023

#moveit #cybersecurity #ransomware #zeroday

A recent cyber attack on the MOVEit Transfer software has impacted a number of organizations around the world. The attack was carried out by the Clop ransomware group, which exploited a zero-day vulnerability in the MOVEit software.

Details of the attack

The Clop ransomware group exploited a SQL injection vulnerability in the MOVEit Transfer software to gain access to the MOVEit servers. Once they had access to the servers, they were able to steal sensitive data from a number of organizations.

The SQL injection vulnerability allowed the Clop ransomware group to execute arbitrary SQL commands on the MOVEit servers. This allowed them to steal sensitive data, such as customer data, employee data, and financial data.

Impact of the attack

The impact of the cyber attack is still being assessed.

However, there are no reports of ransom demands being made or money stolen.

It is clear that the attack has had a significant impact on a large number of organizations.

Zellis, a UK-based payroll company, said data from eight of its client firms had been extorted

BBC — Staff ID numbers, dates of birth, home addresses and national insurance numbers had been extorted

British Airways — Bank account details

The government of Nova Scotia, Canada — personal data of as many as 100,000 past and present public employees

The New York-based University of Rochester,

Minnesota Department of Education,

Ernst and Young,

U.K. broadcast regulator Ofcom,

Extreme Networks,

Illinois Department of Innovation and Technology (DoIT),

The State of Missouri Office of Administration, Information Services and Technology Division (OA-ITSD),

Aer Lingus,

Boots, etc.

and the list is still growing.

How to prevent future attacks

Organizations can take a number of steps to prevent future attacks, including:

Regularly update their software. Software updates often include security patches that can help to protect against known vulnerabilities.

Implement security best practices. Security best practices include things like using strong passwords, enabling multi-factor authentication, and implementing a data backup plan.

Have a plan in place to respond to a data breach. In the event of a data breach, organizations should have a plan in place to notify their customers and employees, secure their systems, and investigate the incident.

The MOVEit cyber attack is another reminder of the importance of cybersecurity. Organizations should invest more and take more steps to protect their systems and data from attack.
