The Cybersecurity and Infrastructure Security Agency and the FBI have jointly published recommendations to protect organizations against potential attacks by a group called CL0P Ransomware Gang.
CISA announced Wednesday that its new cybersecurity advisory is meant to warn and guide companies and other institutions after Internet-facing web applications were infected with malware traced from the cybercriminals.
The CL0P Ransomware Gang reportedly exploited a vulnerability in a structured query language in MOVEit, a managed file transfer platform developed by Progress Software. Beginning last month, the group infected web applications that used MOVEit and stole data from their underlying databases.
CISA and FBI urged organizations to conduct an inventory that identifies their authorized and unauthorized devices and software. The agencies also reminded that administrator privileges and access should be limited and granted only when necessary.
Software and applications should always be patched and updated to the latest version, and vulnerability assessments should be performed regularly, according to the advisory. The agencies stressed that firewalls, routers and other network infrastructure devices should be strengthened with security configurations and monitored habitually.
