U.S. cybersecurity officials have warned a Russian cyber-extortion gang’s hack of a file-transfer program popular with corporations could have widespread global impact. In Georgia, the victims may include the University System of Georgia, among others.
The hack attributed to the Cl0p ransomware syndicate is aimed at users of the MOVEit Secure File Transfer and Automation software.
In a joint advisory issued June 7, the U.S. Cybersecurity and Infrastructure Security Agency and FBI said Cl0p “is estimated to have “compromised more than 3,000 U.S.-based organizations and 8,000 global organizations.”
“Due to the speed and ease (with which it) has exploited this vulnerability, and based on their past campaigns, FBI and CISA expect to see widespread exploitation of unpatched software services in both private and public networks.”
Cl0p claims it does not extort governments, cities or police agencies, but cybersecurity experts say that’s likely a tactic to try to avoid direct conflict with law enforcement and that the financially motivated gang can’t be trusted to keep its promise to erase data stolen from those targets.
Here are some of the steps the U.S. advisory recommended to minimize the risk to customers of the MoveIt software:
This is a developing story. Return to ajc.com for updates