MOVEit is a managed file transfer software product produced by Ipswitch, Inc. (now part of Progress Software).
MOVEit encrypts files and uses file transfer protocols such as FTP(S) or SFTP to transfer data, as well as providing automation services, analytics and failover options.
The software has been used in the healthcare industry by companies such as Rochester Hospital and Medibank, as well as thousands of IT departments in high technology, government, and financial service companies like Zellis.
History
MOVEit was released in 2002 by Standard Networks.
In 2006, the company released integration between MOVEit and antivirus software to stop the transfer of infected files.
Ipswitch acquired MOVEit in 2008 when the company purchased Standard Networks.
MOVEit Cloud was announced in 2012 as cloud-based file transfer management software.
MOVEit Cloud was the first enterprise-class cloud managed file transfer software. It is scalable and can share files system-to-system, with groups, or person-to-person.
In 2013, MOVEit clients were released for the iOS and Android platforms. The release included a configuration wizard, as well as email encryption.
Ipswitch Analytics was released in 2015 to monitor and report data through the MOVEit software. The analytic data includes an activity monitor and automated report creation. Ipswitch Analytics can access data from MOVEit file transfer and automation servers.
That same year, Ipswitch Failover was released. The software can deliver recovery point objectives (RPO) of seconds with a recovery time objective (RTO) of less than a minute, which increases the availability of MOVEit.
2023 data breach
On 31 May 2023, Progress reported a SQL injection vulnerability in MOVEit Transfer and MOVEit Cloud (CVE-2023-34362). The vulnerability was widely exploited in late May 2023. The 31 May vulnerability allows an attacker to access MOVEit Transfer's database from its web application without authenticating. The attacker may then be able to execute SQL statements that alter or delete entries in the database, and infer information about the structure and contents of the database. Data exfiltration in the widespread May–June attacks by the Russian-speaking cyber crime group Cl0p may have been primarily focused on data stored using Microsoft Azure. Upon discovery, Progress launched an investigation, alerted its customers to the issue and provided mitigation steps (blocking all HTTP and HTTPS traffic to MOVEit), followed by the development and release of a security patch. On 15 June, another vulnerability that could lead to unauthorized access became public (CVE-2023-35708).
In 2023, it was reported that the 31 May 2023 zero-day vulnerability had been exploited by attackers. On 7 June 2023, cyber gang Clop, believed to be Russian-based, made a blog posting saying that they had gained access to MOVEit transactions worldwide, and that organisations using MOVEit had until 14 June to contact Clop and pay a ransom, otherwise stolen information would be published. Details typically include payroll data with fields such as home addresses, National Insurance numbers, and bank details, but vary. The group said that they had information from eight UK organisations including the BBC, obtained through an attack on payroll services provider Zellis. It was surmised that contact via blog post rather than email to victims might be due to the enormous number of victims, being too many to handle individually.
Response
The MOVEit team has worked with industry experts to investigate the May 31 incident. The Cybersecurity and Infrastructure Security Agency (CISA), CrowdStrike, Mandiant, Microsoft, Huntress and Rapid7 have assisted with incident response and ongoing investigations. Cyber industry experts have credited the MOVEit team for its response and handling of the incident by quickly providing patches, as well as regular and informative advisories that helped support rapid remediation.
Despite the attempts by the company to remediate the vulnerabilities, hundreds of companies across the world had exorbitant amounts of confidential information stolen due to the weaknesses in the software. The effects of the MOVEit breach are still being revealed as of November 2023. It is estimated that the stolen data will be abused for many years to come.