Jul 21 – News about the MOVEit transfer vulnerability began to pour in just after the long U.S. Memorial Day holiday this year. Numerous corporate groups and federal agencies were breached amidst the incident, with data stolen. Now, analysts report that corresponding breach fallout is affecting companies that don’t even use the file sharing product.
Although awareness of software supply chain entanglement has increased in recent years, security experts note that the MOVEit hack is a reminder of how frequently organizations depend on, and share data with, third-party entities. Because those dependency webs are complex and often transitive, an organization may have been exposed to the attack through a vendor or partner without being aware of it.
Software supply chain
“Whether or not it be attacks like this MOVEit Transfer example, or even past high-impact intrusions like the Kaseya VSA ransomware incident or SolarWinds exploitation, all of these attacks have a certain supply chain aspect that absolutely expands the potential number of victims, bleeding into downstream organizations and the provider/customer relationship,” said security researcher John Hammond.
CISA and FBI reward
Meanwhile, U.S. government agencies are offering a $10 million reward to anyone who can provide intelligence pertaining to the Clop ransomware gang. The Rewards for Justice program was established in 1984 as an anti-terrorism measure; it has since been expanded to cover cyber crime and cyber terrorism.
As of July 19th, 383 organizations have been compromised through the MOVEit Transfer vulnerabilities, and more than 20 million individuals have had their data exposed. The total number of victims is poised to keep growing. There is no indication that the impact was concentrated in any particular industry sector.
As attacks like these may become more frequent, it’s critical for organizations to maintain a robust cyber resilience strategy.