The five new MOVEit assaults victims revealed on the dark web leak site for the Clop ransomware organization include the industrial behemoths Siemens Energy, Schneider Electric, werum.com, UCLA (http://ucla.edu), Abbie (http://abbvie.com), and Abbie. Worldwide, vital national infrastructures use Industrial Control Systems (ICS) from Siemens Energy and Schneider Electric.
Threat actors claim they were able to compromise 100 different firms utilising the most recently revealed MOVEit Transfer vulnerability CVE-2023-34362.
The US government offers rewards for information that leads to the arrest, indictment, or location of danger actors.
Source: https://securityaffairs.com/147865/data-breach/schneider-electric-siemens-energy-moveit.html
TPRM report: https://scoringcyber.rankiteo.com/company/siemens-energy
"id": "sie0403723",
"linkid": "siemens-energy",
"type": "Ransomware",
"date": "06/2023",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"
{'affected_entities': [{'industry': 'Energy',
'name': 'Siemens Energy',
'size': 'Large',
'type': 'Industrial'},
{'industry': 'Energy',
'name': 'Schneider Electric',
'size': 'Large',
'type': 'Industrial'},
{'industry': 'Technology',
'name': 'werum.com',
'type': 'Commercial'},
{'industry': 'Education',
'location': 'Los Angeles, CA, USA',
'name': 'UCLA',
'size': 'Large',
'type': 'Educational'},
{'industry': 'Pharmaceuticals',
'name': 'AbbVie',
'size': 'Large',
'type': 'Corporate'}],
'attack_vector': 'Exploit of MOVEit Transfer vulnerability',
'description': 'The Clop ransomware group has exploited the MOVEit Transfer '
'vulnerability CVE-2023-34362 to compromise 100 different '
'firms, including industrial giants Siemens Energy and '
'Schneider Electric, as well as other entities such as '
'werum.com, UCLA, and AbbVie.',
'impact': {'systems_affected': ['Industrial Control Systems (ICS)']},
'motivation': 'Financial gain, data theft',
'ransomware': {'ransomware_strain': 'Clop'},
'references': [{'source': 'Dark Web Leak Site'}],
'threat_actor': 'Clop ransomware group',
'title': 'MOVEit Transfer Vulnerability Exploited by Clop Ransomware Group',
'type': 'Ransomware',
'vulnerability_exploited': 'CVE-2023-34362'}