BOSTON, June 22, 2023 The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI warned on June 7, 2023, that the Cl0P ransomware gang (TA505) was exploiting a vulnerability in the Managed File Transfer (MFT) application MOVEit Transfer, via a structured query language (SQL) attack vector. Due to the “speed and ease TA505 has exploited this vulnerability, and based on their past campaigns, FBI and CISA expect to see widespread exploitation of unpatched software services in both private and public networks.”
CISA Executive Director for Cybersecurity Eric Goldstein said that the agency "remains in close contact with Progress Software and our partners at the FBI to understand prevalence within federal agencies and critical infrastructure."
CYNAMICS, a patented next-generation AI-driven threat prediction platform, has asked CISA to provide the detailed technical profile of the MOVEit breach to recreate the environment, test against it and provide a playbook for expedited detection & resolution.
Dr. Aviv Yehezkel, Cynamics CTO, states “New sophisticated threats are emerging on a daily basis and are continually missed by legacy solutions that are trained for specific attacks and look for specific signatures. This is exactly the case with MOVEit. Cynamics patented AI threat prediction is the answer: combining AI and deep learning to autonomously detect and analyze patterns across networks, using less than 1% of the flow data to provide 100% coverage. This is entirely agnostic to the malware type and characteristics, thus enabling to reveal unknown threats and attack vectors that are completely blind-spotted by the legacy approaches”.
Cynamics CEO, Eyal Elyashiv, is committed to protecting critical government infrastructure, “Cynamics takes immense pride in its mission to safeguard critical infrastructure. Our dedicated team works tirelessly to provide cutting-edge solutions to ensure the highest level of protection for these vital systems. We understand the significance of our role in maintaining the security and integrity of our nation’s infrastructure and we remain committed to delivering excellence in next-generation threat prediction”.
In the interim, Cyanmics will leverage its best practices expertise to provide ongoing support to government agencies and look for similar opportunities to provide best-in-class playbooks for detection and resolution of the most challenging use cases.
