02.06.2023 - The file transfer software called «MOVEit», which is mainly used by businesses, has a critical vulnerability that is already being exploited by cybercriminals. The attackers are exploiting the vulnerability to steal files from the file transfer software. The NCSC started to receive corresponding reports from organisations in Switzerland on 1 June. The NCSC recommends applying the security patch as quickly as possible.
The manufacturer of «MOVEit» informed its customers about the critical vulnerability in the file transfer software on 1 June and recommended that they check their «MOVEit» installation for signs of a potential compromise.
The NCSC is aware of victims in Switzerland that have actually been compromised. As a result, it is recommending that businesses take the affected system offline as a matter of urgency, check it for any compromise and apply the latest security patches. It is also advisable to change the passwords used.
A step-by-step guide in English and the security patches can be found at the following link:
Taking personal responsibility
The NCSC is appealing to businesses and critical infrastructure operators to take responsibility for their own security, emphasising the risk of being compromised and the associated damage (e.g. data theft).
Patches for highly critical vulnerabilities like this one should be applied as quickly as possible, i.e. outside the regular maintenance windows.
Last modification 02.06.2023