About MOVEit
MOVEit is a secure managed file transfer (MFT) software product produced by Progress Software. It encrypts files and uses secure File Transfer Protocols to transfer data, as well as providing automation services, analytics and failover options.
MOVEit is used by a wide range of organizations, including businesses, government agencies, and educational institutions. It is used to transfer sensitive data, such as financial records, customer data, and intellectual property.
In 2022, a vulnerability in MOVEit was exploited by the Cl0p ransomware group to attack several tech companies. The vulnerability allowed the attackers to gain access to the companies’ networks and steal sensitive data.
Progress Software released a patch for the vulnerability in January 2022. However, many organizations were still using the vulnerable version of MOVEit at the time of the attacks.
The MOVEit attacks are a reminder of the importance of keeping software up to date with the latest security patches. Businesses should also use strong passwords and security measures to protect their data from cyberattacks.
- The MOVEit attacks were a series of cyberattacks that targeted tech companies using MOVEit, a file transfer software from Progress Software.
- The attackers exploited a vulnerability in the MOVEit software to gain access to the companies’ networks and steal sensitive data.
- The attackers were a group of hackers known as Clop.
- Clop is a Russian ransomware-as-a-service (RaaS) group that has been active since 2019.
- RaaS groups provide ransomware to other criminals, who then use it to attack businesses and demand ransom payments.
- The MOVEit attacks are a reminder of the importance of cybersecurity for all businesses, regardless of size or industry.
- Businesses should use strong passwords and security measures, and keep their software up to date with the latest security patches.
- They should also be aware of the latest cyberattack trends and educate their employees about how to spot and report suspicious activity.
The MOVEit attacks have targeted many tech companies, including:
- Siemens Energy
- Schneider Electric
- PwC
- EY
- British Airways
- BBC
- Ofcom
- Shell
- Johns Hopkins University
- UPS
- Calpers
- Genworth Financial
- PBI Research Services
Following steps below can avoid cyber-attack:
- Use strong passwords and don’t reuse them.
- Keep your software up to date with the latest security patches.
- Be careful about what links you click on and what attachments you open.
- Install antivirus and anti-malware software and keep it up to date.
- Back up your data regularly.
- Be aware of the latest cyberattack trends.
- Educate your employees about cybersecurity.