FIS Global, a leading provider of technology solutions for the financial industry, has been targeted in a cyber attack by the Cl0p ransomware gang. The attack is believed to have exploited the MOVEit vulnerability, which has impacted organizations worldwide. FIS Global plays a crucial role in facilitating the movement of approximately $9 trillion and processing around 75 billion transactions for over 20,000 clients worldwide.
The news of the FIS data breach was first shared by threat analyst Brett Callow on Twitter. He accompanied his tweet with an image that had been previously used by the Cl0p ransomware gang during recent MOVEit cyber attacks. In a direct message to FIS Global, the threat actor expressed their disappointment with the company’s inadequate security practices, accusing them of neglecting the security of customer data.
The cyber attack on FIS Global is just one in a series of incidents targeting companies that use MOVEit. The Cl0p ransomware gang has taken responsibility for these data theft incidents involving MOVEit Transfer. Among the additional victims listed by the group are the University of California, Los Angeles, Siemens Energy, Abbvie Inc, and Schneider Electric. The cybercriminals behind Cl0p ransomware have caused significant harm, with 121 organizations falling victim to their online extortion activities. It is estimated that at least 15 million people have been affected.
Recognizing the severity of the situation, the U.S. State Department has offered a substantial reward of up to $10 million for any information linking the Cl0p Ransomware Gang or other malicious cyber actors targeting critical U.S. infrastructure to a foreign government. This reward is part of the State Department’s Rewards for Justice (RFJ) program, originally established in 1984 to combat terrorist threats. The aim is to encourage individuals with knowledge of these cybercriminals to come forward and provide vital information. The RFJ program has specified that information can be shared through various secure channels, including Signal, Telegram, WhatsApp, or the Tor-based tip line.
The offering of this reward follows the confirmation by the Cybersecurity and Infrastructure Security Agency (CISA) that a cyberattack had affected several federal agencies, compromising their MOVEit applications. CISA and the FBI have released a joint cybersecurity advisory, cautioning that cyber threat actors may exploit vulnerabilities in Progress Software’s managed file transfer solution, MOVEit. These agencies have tied the exploitation of this vulnerability to the Cl0p Ransomware Gang.
It is crucial for organizations to take immediate action to protect themselves against these types of cyber threats. Implementing robust security measures, such as regularly updating software and maintaining strong data encryption practices, can help mitigate the risk of falling victim to ransomware attacks. Additionally, organizations should invest in comprehensive cybersecurity training for employees to raise awareness about potential phishing attempts and other malicious activities.
As the investigation into the cyber attack on FIS Global continues, it is important for companies and individuals to stay vigilant and report any suspicious activities to the appropriate authorities. The collaboration between government agencies, cybersecurity experts, and the public is crucial in combating and preventing cybercrime.