Cyber Security News Roundup – 12th June 2023
By Emily Davidson
12 June 2023
It's a new week, and that means a round up of some of the cyber security and data protection news headlines over the last 7 days! To learn more about each story, click the headings.
Clop ransomware claims responsibility for MOVEit extortion attacks
5/6
The Clop ransomware operation returned to the headlines last week, after confirming to Bleeping Computer that they are behind a new wave of cyber-attacks. Clop has been actively exploiting a zero-day vulnerability in the MOVEit file transfer service in order to breach servers and steal data from “hundreds of companies”. A representative from the ransomware group also confirmed that the vulnerability has been exploited since the 27th of May, with Clop known for conducting large-scale attacks during holidays due to minimal staff levels. Clop did not confirm the number of victims that have been breached, however stated that stolen data would be published on their leaks site if ransom demands are not met – the group also did not confirm that extortions had begun, with Clop known to take time (up to a month in some cases) to review what data is valuable for leverage purposes. (Bleeping Computer)
British Airways, Boots and BBC among companies hit by cyber security attack
5/6
British Airways, Boots and the BBC have notified thousands of their employees that they have been affected by suspected Clop breaches targeting the MOVEit file transfer software used by Zellis, a UK payroll provider which serves nearly half of FTSE 100 companies. The Clop attacks highlight the risk of cyber criminals targeting flaws along software supply chains, with eight of Zellis' UK customers known to have been affected, and more expected in the US. It is likely that if Zellis or their partners do not pay ransom demands (which with the Clop operation are regularly above $1 million) then the stolen data will be published and put up for sale – the “hack and leak” nature of the breaches makes it all but certain that the criminals are financially, and not politically, motivated. (Financial Times)
Japanese pharma giant Eisai discloses ransomware attack
8/6
One of Japan’s largest pharmaceutical companies, Eisai, have fallen victim to a ransomware incident that saw cyber criminals encrypt several of their servers. The incident was first detected on the 3rd of June, which led to Eisai implementing their incident response plan and launching an investigation, as well as notifying the relevant authorities. Immediately after discovering the attack Eisai took many of their IT systems offline to contain any damage and prevent further spread, and until their investigations have concluded Eisai has been forced to keep several of its systems, including both inside and outside of Japan, offline. It is still being investigated, however there is a potential risk of data leakage. (Bleeping Computer)
HSE impacted by cyber attack involving outside provider
9/6
The Health Service Executive of Ireland became yet another victim of the MOVEit zero-day vulnerability attacks last week. The HSE first became aware of the incident on the 8th of June, after being alerted by their external service provider EY. In a statement, the HSE confirmed that the attack was criminal in nature, with stolen data including names, addresses, mobile numbers, and general information, but no other personal identification data or financial information. Ireland’s Health Service Executive was previously the victim of a major cyber attack in May 2021, with the State spending watchdog outlining €657 million of investment required to implement cyber security measures over 7 years. (RTÉ)
University of Manchester hit by cyber attack
10/6
The University of Manchester has been targeted by a cyber attack, with the university's chief operating officer comfirming that data may have been copied. The university stated that there was no known link between this incident and the recently exploited MOVEit zero-day vulnerability, adding that staff are working around the clock to resolve the incident. The Information Commissioner's Office, the National Cyber Security Centre and National Crime Agency have also been notified and are now working with the university (BBC News)
Attempted cyber attacks occur every second, and as we can see from the recent headlines, constantly change in nature. It's vital that your organisation is as protected as possible from all forms of cyber crime, so Contact Celerity to find out how we could protect your business!
Latest resources
5 questions to ask when choosing an IT Managed Service Provider
How to pick the right IT Managed Service Provider How are organisations slashing IT costs by up to 45% and boosting operational efficiency by as much as 65%? By investing in high-impact information technology security services from managed service providers (MSPs). Leveraging managed IT services gives you the power to transform your business, delivering significant […]
Would your business recover quickly from a cyber-attack?
Imagine waking up to find your entire business offline, customer data compromised, and operations at a standstill. Your reputation has taken a significant hit, and you need to start rebuilding. Cyber-attacks are not just IT’s problem; they are a threat to your business’ survival. The faster you recover, the less damage your organisation suffers. However, […]
How to manage your software licences effectively
Your guide to software licence management Managing software licences is crucial for organisations to ensure compliance and maintain operational efficiency. Without proper oversight, software licensing can lead to unnecessary and insidious expenses, reputational damage, legal risks, and inefficiencies. “If a company does not have a good picture of their software landscape, they could end up […]
