cyberscoop.com Open in urlscan Pro
18.173.187.69  Public Scan

Form analysis
1 forms found in the DOM

GET https://cyberscoop.com/

<form role="search" id="searchform" class="site-search" method="get" action="https://cyberscoop.com/">
  <meta itemprop="target" content="https://cyberscoop.com/?s={s}">
  <label class="screen-reader-text" for="search-field"> Search for: </label>
  <input class="site-search__input js-site-search-input" itemprop="query-input" type="text" id="search-field" value="" placeholder="Search news, people, podcasts, videos" name="s">
  <button class="site-search__button">
    <svg class="icon icon--search" width="19" height="19" fill="none" viewBox="0 0 19 19" xmlns="http://www.w3.org/2000/svg">
      <path
        d="M7.9.7a6.805 6.805 0 0 0-6.8 6.8c0 3.752 3.048 6.8 6.8 6.8a6.757 6.757 0 0 0 3.975-1.288l5.262 5.25 1.125-1.125-5.2-5.212A6.77 6.77 0 0 0 14.7 7.5c0-3.752-3.048-6.8-6.8-6.8Zm0 .8c3.319 0 6 2.681 6 6s-2.681 6-6 6-6-2.681-6-6 2.681-6 6-6Z"
        fill="currentColor" stroke="currentColor"></path>
    </svg>
    <span class="visually-hidden">Search</span>
  </button>
</form>

Text Content

Skip to main content
Advertisement

 * FedScoop
 * DefenseScoop
 * CyberScoop
 * StateScoop
 * EdScoop
 * WorkScoop

Advertise Search Close
Search for: Search

Open navigation
 * Topics
   Back
    * Cybercrime
    * Commentary
    * Financial
    * Government
    * Policy
    * Privacy
    * Technology
    * Threats
    * Research
    * Workforce

 * Special Reports
 * Events
 * Podcasts
 * Videos
 * Insights
 * Subscribe to Newsletters
 * Advertise
 * Ukraine

Switch Site
 * FedScoop
 * DefenseScoop
 * CyberScoop
 * StateScoop
 * EdScoop
 * WorkScoop

Subscribe
Advertisement

Subscribe to our daily newsletter.
Subscribe
Close
 * Cybercrime


TWO MAJOR ENERGY CORPORATIONS ADDED TO GROWING MOVEIT VICTIM LIST

Leading global energy companies Schneider Electric and Siemens Energy are the
latest victims in the MOVEit vulnerability.

By Christian Vasquez

June 27, 2023

The Emsland Nuclear Power Plant (KKE) is located near Lingen in the Emsland
district, Lower Saxony/ Germany (built 1988).

Two major energy corporations have fallen victim to the MOVEit breach, the
latest targets in an ongoing hacking campaign that has struck a growing number
of organizations including government agencies, states and universities.

CL0P, the ransomware gang executing the attacks, added both Schneider Electric
and Siemens Energy to its leak site on Tuesday. Siemens confirmed that it was
targeted; Schneider said it is investigating the group’s claims.

Since early June, the hacking campaign has added more than 100 victims after
CL0P began to take advantage of a vulnerability in MOVEit, a widely used file
transfer tool from Progress Software. Multiple federal agencies, including two
Department of Energy entities, have been affected by the vulnerability, federal
authorities have said. Additional reporting has indicated that the Department of
Agriculture may have had a “possible breach” and the Office of Personnel
Management is also affected.

Both Siemens Energy and Schneider Electric are among the largest vendors in
industrial control systems, though there is little indicated of what information
the hackers may have pilfered. Cybersecurity and Infrastructure Security Agency
Director Jen Easterly has previously said that the MOVEit campaign appears to be
largely opportunistic and the stolen files may be limited to what was in the
software at the time the bug was exploited.

Advertisement


“As far as we know, the actors are only stealing information that is
specifically being stored on the file transfer application at the precise time
that the intrusion occurred,” Easterly said on June 15.

“Regarding the global data security incident, Siemens Energy is among the
targets. Based on the current analysis, no critical data has been compromised
and our operations have not been affected. We took immediate action when we
learned about the incident,” a Siemens spokesperson said in an email.

A Schneider spokesperson said that the company became aware of the vulnerability
on May 30 and “promptly deployed available mitigations to secure data and
infrastructure and have continued to monitor the situation closely.”

“Subsequently, on June 26th, 2023, Schneider Electric was made aware of a claim
mentioning that we have been the victim of a cyber-attack relative to MOVEit
vulnerabilities. Our cybersecurity team is currently investigating this claim as
well,” the spokesperson said in an email.

Since the Russian-speaking CL0P began publicizing its victims, state and local
governments appear to have been heavily affected by the campaign as at least
seven have been hit, including the nation’s largest public-employee pension fund
the California Public Employees’ Retirement System. Over the weekend, around
45,000 New York City public school students had their personal data stolen which
included information like Social Security numbers, StateScoop reported.

Advertisement


The State Department has offered a $10 million reward for information leading to
the actors linking to the CL0P ransomware gang.

IN THIS STORY

 * cybercrime
 * energy
 * hacking
 * industrial control systems (ICS)
 * MOVEit Transfer

Share
 * Facebook
 * LinkedIn
 * Twitter
 * Copy Link

Advertisement

Advertisement



MORE LIKE THIS


 1. DOJ ESTABLISHES CYBERCRIME ENFORCEMENT UNIT AS U.S. WARNINGS MOUNT OVER
    CHINESE HACKING
    
    By AJ Vicens


 2. RUSSIAN NATIONAL ARRESTED IN ARIZONA, CHARGED FOR ALLEGED ROLE IN LOCKBIT
    RANSOMWARE ATTACKS
    
    By AJ Vicens


 3. TWO ENERGY DEPARTMENT ENTITIES BREACHED AS PART OF MASSIVE MOVEIT COMPROMISE
    
    By Christian Vasquez AJ Vicens

Advertisement



TOP STORIES


 1. THE POTENT CYBER ADVERSARY THREATENING TO FURTHER INFLAME IRANIAN POLITICS
    
    By AJ Vicens

Advertisement



MORE SCOOPS

spectrum abstract


US CYBER OFFICIALS OFFER TECHNICAL DETAILS ASSOCIATED WITH CL0P RANSOMWARE
ATTACKS

CISA and the FBI offered details to help organizations protect themselves
against the group that has claimed hundreds of victims.
By AJ Vicens
(Getty Images)


INDUSTRIAL SECURITY VENDORS PARTNER TO SHARE INTELLIGENCE ABOUT CRITICAL
INFRASTRUCTURE THREATS

By Christian Vasquez
Chicago, Illinois at night. (Getty Images)


THE ENERGY DEPARTMENT’S PUESH KUMAR ON GRID HACKING, UKRAINE AND PIPEDREAM
MALWARE

By Christian Vasquez


MORE VULNERABILITIES IN INDUSTRIAL SYSTEMS RAISE FRESH CONCERNS ABOUT CRITICAL
INFRASTRUCTURE HACKS

By Christian Vasquez


FEDS WARN ABOUT FOREIGN GOVERNMENT-CONNECTED HACKERS AIMING TO DISRUPT VITAL
INDUSTRIAL SYSTEMS

By Tim Starks


DOJ UNSEALS CHARGES AGAINST RUSSIANS IN ATTEMPTED HACKS OF INFRASTRUCTURE,
INCLUDING TRISIS CASE

By Joe Warminsky


ELECTRIC EQUIPMENT VENDOR SCHWEITZER JOINS US TESTING PROGRAM TO DEFEND GRID
FROM HACKING THREATS

By Sean Lyngaas


LATEST PODCASTS

LEIDOS’ PAUL BUTTERFLOSS ON BEST ROI FOR CYBER TECHNOLOGY

TRELLIX’S TOM GANN ON HELPING GOVERNMENT DELIVER BETTER CITIZEN SERVICES

GOOGLE’S DAN PRIETO ON THE GOVERNMENT’S “DRAMATIC STRIDES” IN REORIENTING CYBER
STRATEGY

WHY PIG BUTCHERING IS THE WORST KIND OF ONLINE SCAM


TECHNOLOGY

 * FTC settles with Amazon Ring over hacking, security incidents
 * US intelligence research agency examines cyber psychology to outwit criminal
   hackers
 * Reality check: What will generative AI really do for cybersecurity?
 * When it comes to online scams, 'ChatGPT is the new crypto'


GOVERNMENT

 * Treasury sanctions two Russian intelligence officers for election influence
   operations
 * Federal incentives could help utilities overcome major cybersecurity hurdle:
   money
 * A year after Dobbs, federal privacy legislation to protect abortion seekers
   remains stalled
 * FTC accuses genetic testing company of exposing sensitive health data


THREATS

 * Apple issues emergency patch to address alleged spyware vulnerability
 * Microsoft identifies new hacking unit within Russian military intelligence
 * Researchers unpack massive email scam targeting dozens of companies
 * DOJ charges two Russian nationals with historic Mt. Gox hack


POLICY

 * New FCC privacy task force takes aim at data breaches, SIM-swaps
 * White House needs to urgently fix nation's approach to protecting critical
   infrastructure, group says
 * White House plan to implement cyber strategy includes ambitious digital
   education effort
 * Coming to DEF CON 31: Hacking AI models

Advertisement

About Us
 * FedScoop
 * DefenseScoop
 * StateScoop
 * EdScoop
 * CyberScoop
 * WorkScoop

 * Newsletters
 * Advertise with us
 * Ad specs
 * (202) 887-8001
 * hello@cyberscoop.com

 * FB
 * TW
 * LinkedIn
 * IG

Close Ad

Continue to CyberScoop