US federal government agencies and 'several hundred' US companies and organizations have been compromised by a global cyberattack perpetrated by Russian cybercriminals. The attackers exploited a vulnerability in MOVEit, a file transfer software developed by Progress Software. The Department of Energy confirmed breaches, including one affecting a not-for-profit research center and another associated with waste disposal for atomic energy. Hospitals, universities, and state governments have also felt the impact of the attack. The Clop ransomware group, although demanding multimillion-dollar ransoms generally, has not targeted federal agencies for payment. As the attack unfolded, Progress Software identified a further vulnerability in MOVEit and took swift measures to resolve it, while also taking MOVEit Cloud offline. The breadth of the attack highlights the growing threat of ransomware and other cyberattacks to institutions and infrastructure across the United States.
Source: https://www.cnn.com/2023/06/15/politics/us-government-hit-cybeattack/index.html
TPRM report: https://scoringcyber.rankiteo.com/company/progress-software
"id": "pro340051324",
"linkid": "progress-software",
"type": "Ransomware",
"date": "03/2023",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"
{'affected_entities': [{'industry': 'Energy',
'location': 'United States',
'name': 'Department of Energy',
'type': 'Government Agency'},
{'industry': 'Research',
'location': 'United States',
'name': 'Not-for-profit research center',
'type': 'Organization'},
{'industry': 'Energy',
'location': 'United States',
'name': 'Waste disposal for atomic energy',
'type': 'Organization'},
{'industry': 'Healthcare',
'location': 'United States',
'name': 'Hospitals',
'type': 'Organization'},
{'industry': 'Education',
'location': 'United States',
'name': 'Universities',
'type': 'Organization'},
{'industry': 'Public Administration',
'location': 'United States',
'name': 'State governments',
'type': 'Government'}],
'attack_vector': 'Vulnerability in MOVEit software',
'description': "US federal government agencies and 'several hundred' US "
'companies and organizations have been compromised by a global '
'cyberattack perpetrated by Russian cybercriminals. The '
'attackers exploited a vulnerability in MOVEit, a file '
'transfer software developed by Progress Software. The '
'Department of Energy confirmed breaches, including one '
'affecting a not-for-profit research center and another '
'associated with waste disposal for atomic energy. Hospitals, '
'universities, and state governments have also felt the impact '
'of the attack. The Clop ransomware group, although demanding '
'multimillion-dollar ransoms generally, has not targeted '
'federal agencies for payment. As the attack unfolded, '
'Progress Software identified a further vulnerability in '
'MOVEit and took swift measures to resolve it, while also '
'taking MOVEit Cloud offline. The breadth of the attack '
'highlights the growing threat of ransomware and other '
'cyberattacks to institutions and infrastructure across the '
'United States.',
'impact': {'systems_affected': ['MOVEit software', 'MOVEit Cloud']},
'motivation': 'Financial gain',
'ransomware': {'ransom_demanded': 'Multimillion-dollar ransoms',
'ransomware_strain': 'Clop'},
'threat_actor': 'Clop ransomware group',
'title': 'MOVEit Software Vulnerability Exploited in Global Cyberattack',
'type': 'Ransomware',
'vulnerability_exploited': 'MOVEit software vulnerability'}