Schneider Electric and Siemens Energy Fall Prey to Clop Ransomware Attack

June 27, 2023

The Clop ransomware group has added five new victims to its dark web leak site, including Schneider Electric and Siemens Energy. Both companies are well-known Industrial Control System (ICS) vendors, and their products are utilized in critical national infrastructure worldwide. The threat actors have claimed to have hacked hundreds of companies by exploiting the MOVEit Transfer vulnerability CVE-2023-34362. MOVEit Transfer is a managed file transfer system used by enterprises to securely transfer files using various protocols. The vulnerability, a SQL injection, allows unauthenticated attackers to gain unauthorized access to the MOVEit Transfer database. The Clop ransomware gang, also known as Lace Tempest, was recognized by Microsoft for the campaign exploiting this zero-day vulnerability. Other victims of ransomware attacks exploiting the MOVEit Transfer zero-day include the U.S. Department of Energy, British Airways, Boots, the BBC, Aer Lingus, Ofcom, Shell, University of Rochester, and Gen Digital. The US government, via the U.S. State Department’s Rewards for Justice program, is offering a bounty of up to $10 million for information that links the CL0P Ransomware Gang or any other threat actors targeting U.S. critical infrastructure to a foreign government.

Related News

Latest News

Like what you see?

Get a digest of headlines, vulnerabilities, risk context, and more delivered to your inbox.

Subscribe Below

By submitting this form, you’re giving us permission to email you. You may unsubscribe at any time.

Accelerate Security Teams

Continuously identify and prioritize the risks that are most critical in your environment, and validate that your remediation efforts are reducing risk. An always-on single source-of-truth of your assets, services, and vulnerabilities.