The industrial behemoths Schneider Electric, werum.com, UCLA (http://ucla.edu), Abbie (http://abbvie.com), and Siemens Energy are among the five new MOVEit attacks victims listed on the dark web leak site for the Clop ransomware organization. Industrial Control Systems (ICS) are offered by Siemens Energy and Schneider Electric and are employed in crucial national infrastructures all over the world.
Threat actors assert that by using the recently discovered MOVEit Transfer vulnerability CVE-2023-34362, they were able to breach 100 different businesses.
Incentives are provided by the US government for intelligence that results in the capture, indictment, or location of threat actors.
Source: https://securityaffairs.com/147865/data-breach/schneider-electric-siemens-energy-moveit.html
TPRM report: https://scoringcyber.rankiteo.com/company/schneider-electric
"id": "sch0353723",
"linkid": "schneider-electric",
"type": "Breach",
"date": "06/2023",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"
{'affected_entities': [{'industry': 'Industrial Control Systems',
'name': 'Schneider Electric',
'type': 'Company'},
{'name': 'werum.com', 'type': 'Company'},
{'industry': 'Education',
'location': 'Los Angeles, CA, USA',
'name': 'UCLA',
'type': 'University'},
{'name': 'Abbie', 'type': 'Company'},
{'industry': 'Industrial Control Systems',
'name': 'Siemens Energy',
'type': 'Company'}],
'attack_vector': 'Exploitation of Vulnerability',
'description': 'The industrial behemoths Schneider Electric, werum.com, UCLA '
'(http://ucla.edu), Abbie (http://abbvie.com), and Siemens '
'Energy are among the five new MOVEit attacks victims listed '
'on the dark web leak site for the Clop ransomware '
'organization. Industrial Control Systems (ICS) are offered by '
'Siemens Energy and Schneider Electric and are employed in '
'crucial national infrastructures all over the world. Threat '
'actors assert that by using the recently discovered MOVEit '
'Transfer vulnerability CVE-2023-34362, they were able to '
'breach 100 different businesses.',
'impact': {'systems_affected': ['Industrial Control Systems (ICS)']},
'motivation': 'Financial Gain',
'ransomware': {'ransomware_strain': 'Clop'},
'references': [{'source': 'UCLA', 'url': 'http://ucla.edu'},
{'source': 'Abbie', 'url': 'http://abbvie.com'}],
'threat_actor': 'Clop Ransomware Group',
'title': 'MOVEit Transfer Vulnerability Exploited by Clop Ransomware',
'type': 'Ransomware',
'vulnerability_exploited': 'CVE-2023-34362'}