Cyber Security News Roundup – 12th June 2023
By Emily Davidson
12 June 2023It's a new week, and that means a round up of some of the cyber security and data protection news headlines over the last 7 days! To learn more about each story, click the headings.
Clop ransomware claims responsibility for MOVEit extortion attacks
5/6
The Clop ransomware operation returned to the headlines last week, after confirming to Bleeping Computer that they are behind a new wave of cyber-attacks. Clop has been actively exploiting a zero-day vulnerability in the MOVEit file transfer service in order to breach servers and steal data from “hundreds of companies”. A representative from the ransomware group also confirmed that the vulnerability has been exploited since the 27th of May, with Clop known for conducting large-scale attacks during holidays due to minimal staff levels. Clop did not confirm the number of victims that have been breached, however stated that stolen data would be published on their leaks site if ransom demands are not met – the group also did not confirm that extortions had begun, with Clop known to take time (up to a month in some cases) to review what data is valuable for leverage purposes. (Bleeping Computer)
British Airways, Boots and BBC among companies hit by cyber security attack
5/6
British Airways, Boots and the BBC have notified thousands of their employees that they have been affected by suspected Clop breaches targeting the MOVEit file transfer software used by Zellis, a UK payroll provider which serves nearly half of FTSE 100 companies. The Clop attacks highlight the risk of cyber criminals targeting flaws along software supply chains, with eight of Zellis' UK customers known to have been affected, and more expected in the US. It is likely that if Zellis or their partners do not pay ransom demands (which with the Clop operation are regularly above $1 million) then the stolen data will be published and put up for sale – the “hack and leak” nature of the breaches makes it all but certain that the criminals are financially, and not politically, motivated. (Financial Times)
Japanese pharma giant Eisai discloses ransomware attack
8/6
One of Japan’s largest pharmaceutical companies, Eisai, have fallen victim to a ransomware incident that saw cyber criminals encrypt several of their servers. The incident was first detected on the 3rd of June, which led to Eisai implementing their incident response plan and launching an investigation, as well as notifying the relevant authorities. Immediately after discovering the attack Eisai took many of their IT systems offline to contain any damage and prevent further spread, and until their investigations have concluded Eisai has been forced to keep several of its systems, including both inside and outside of Japan, offline. It is still being investigated, however there is a potential risk of data leakage. (Bleeping Computer)
HSE impacted by cyber attack involving outside provider
9/6
The Health Service Executive of Ireland became yet another victim of the MOVEit zero-day vulnerability attacks last week. The HSE first became aware of the incident on the 8th of June, after being alerted by their external service provider EY. In a statement, the HSE confirmed that the attack was criminal in nature, with stolen data including names, addresses, mobile numbers, and general information, but no other personal identification data or financial information. Ireland’s Health Service Executive was previously the victim of a major cyber attack in May 2021, with the State spending watchdog outlining €657 million of investment required to implement cyber security measures over 7 years. (RTÉ)
University of Manchester hit by cyber attack
10/6
The University of Manchester has been targeted by a cyber attack, with the university's chief operating officer comfirming that data may have been copied. The university stated that there was no known link between this incident and the recently exploited MOVEit zero-day vulnerability, adding that staff are working around the clock to resolve the incident. The Information Commissioner's Office, the National Cyber Security Centre and National Crime Agency have also been notified and are now working with the university (BBC News)
Attempted cyber attacks occur every second, and as we can see from the recent headlines, constantly change in nature. It's vital that your organisation is as protected as possible from all forms of cyber crime, so Contact Celerity to find out how we could protect your business!
Latest resources
Celerity Secures Spot on Crown Commercial Service G-Cloud 14 Framework to Drive Public Sector Digital Transformation
Celerity is delighted to have been named as a supplier on the Crown Commercial Service (CCS) G-Cloud framework, with the latest iteration, G-Cloud 14, commencing on 9th November 2024 and running through April 2026.
Play your virtualisation cards right with Red Hat OpenShift
If you’re the customer of one very large virtualisation vendor, you may feel like you’ve been dealt a pretty bad hand over the last few months. With the long-term impact of new licensing and support programmes up in the air, organisations are seeking guidance from IT service providers on how they can best plan for, and manage, their virtualised infrastructure going forward.
💚 Celerity Goes Green: Supporting Marine Conservation with a Beach Clean 🏝️
Celerity has engaged with the Marine Conservation Society since 2024, to support their public Beach Clean events around the UK. MCS is the UK’s marine conservation charity, working to solve the climate crisis, protect marine wildlife and clean up our oceans.