You don’t have to look far in the news to find evidence of the latest cybersecurity breach. 2023 is a year of mounting ransomware attacks.  

Read more about the largest ransomware attack of the year, the type of zero-day vulnerability exploited within the MOVEit software and what you can do to stay as safe as possible online. 

Ransomware on the rise 

Unfortunately, ransomware is a risk to anyone using a computer. Private individuals, businesses, organisations and even governments are all at risk.  

Ransomware, which is a type of malware, is particularly on the increase. 2023 has seen a spike in ransomware attacks, with one notable attack receiving significant press coverage because its victims in the UK include British Airways, Boots and the BBC.

The ‘largest hack of 2023’ 

Termed the ‘largest hack of 2023’, the ransomware attack is said to have affected over 1000 organisations and over 60 million individuals. Victims are spread throughout the world; the majority are from the US, while just over 2% are based in the UK.

Through one US victim alone, a US government services contractor, 11 million individuals and their data have been affected.

What caused the largest hack of 2023? 

MOVEit, a popular piece of software used for moving sensitive files securely around the world, was hacked by cybercriminals who discovered and exploited a zero-day vulnerability within the software.

In response to the attack, the UK’s National Cyber Security Centre urged organisations using the MOVEit software to run their security updates as soon as possible and, in line with its advice for all known cybersecurity attacks on identified software, to check their supply chains thoroughly for use of the compromised software.

Advice from the UK’s National Cyber Security Centre (NCSC)  

The NCSC offers advice for those affected by the MOVEit attack as well as guidance for organisations on how to check their supply chains.

The NCSC continues to monitor the hack and report on other security incidents. Organisations unfamiliar with the news source are advised to keep track of vital news and advice on the NCSC news page on a regular basis.

What’s a zero-day vulnerability? 

In simple terms, a zero-day vulnerability is a vulnerability in a piece of software that hasn’t yet been detected by the developers, so there is no patch or ‘fix’ yet available for it.  

While ransomware attacks have not commonly been carried out through zero-day vulnerabilities, this recent attack is one of the most significant to date.  

The MOVEit attack alone has estimated costs of nearly 10 billion dollars, with the ransomware group’s earnings from it estimated at 100 million dollars.

Should you pay a ransom to a cybercriminal? 

Advice from the NCSC is clear: it does not endorse or encourage payment to cybercriminals, since this only incentivises criminal activity and future hacking attempts. Plus, there is zero guarantee a paying victim will get their data returned to them uncompromised.

Ransomware is designed to deny a user access to their data, files and/or systems, and it may seem that the easiest thing for a victim to do is pay the ransom. Even after paying, however, their data can still be freely available on the dark web for resale.

The NCSC has further guidance on ransomware, including what you can do to best guard against ransomware in the future. 

Run vital software updates 

Software updates might not protect all software against zero-day vulnerabilities exploited by cybercriminals. However, earlier patches may prove to be of some effect against later vulnerabilities, and it’s therefore always vital to keep up to date with all software updates as they become available.

Speak to your IT services provider 

Your IT services provider should be aware of known situations regarding vulnerabilities, as details come to light in the national and sector-specific press.  

Web application firewalls may prove to be of some effect against incoming threats, with up-to-date vulnerability reports indicating where defence tactics are best deployed.

If you need help, or reassurance, regarding your IT systems and the security of your data, get in touch with the Cultrix team. We’re IT security experts and make it our business to protect yours and make it as robust as possible against cybercriminals.

 
