Welcome to the cybersecurity digest for June 2023, where we simplify the tech-speak and give you the must-know information about the latest cybersecurity threats and defenses. Let’s get started!
Multiple companies affected by breach in secure data transfer tool MOVEit
What you need to know:
- The MOVEit Transfer tool, regularly used by many corporations for file transfers, has been breached by cyber criminals who are part of ransomware gangs using a previously unknown vulnerability. Numerous organizations, from U.S. banks and universities to global corporations like Putnam Investments and Shell, fell victim to this breach.
- Confirmed victims include 1st Source, First National Bankers Bank, Putnam Investments, Shell, Datasite, National Student Clearinghouse, and University System of Georgia, among others.
- The ransomware group may have been planning this attack since as far back as 2021, exploiting the MOVEit vulnerability long before it became public knowledge. MOVEit is also used by almost every federal military and civilian agency for transferring mission-critical information, which makes this a particularly devastating breach.
What you need to do:
- If your organization uses MOVEit, ensure that you have applied the latest security patch to remediate the vulnerability.
- It is a generally good practice to maintain close contact with your vendors to stay on top of of any security updates or potential threats.
- Ensure that guidelines on data usage are clearly communicated to teams. A vulnerability management program ensures that you stay on top of security patching and closing crucial gaps in an IT environment.
Distributed Denial of Service attacks target major technology companies and banks
What you need to know:
- Microsoft’s Cloud Services Fall Prey to Novel DDoS Attacks
- Microsoft recently disclosed that it has been under significant Layer 7 DDoS attacks impacting its cloud services, including Microsoft 365 and Azure Portal, launched by a group known as Storm-1359​.
- This situation underlines the fact that even tech giants like Microsoft are not immune to novel cybersecurity threats, and as a leader you still must seriously evaluate risks that come from modern cloud-based technology services for your organization.
- Russian hackers launched a DDoS attack on an important European bank
- The European Investment Bank (EIB) fell victim to a cyberattack, suspected to have been orchestrated by Russian hackers.
What you need to do:
- Consider partnering with a reliable DDoS mitigation service. They can help mitigate a DDoS attack by absorbing and dispersing the attack traffic, ensuring your systems remain accessible during an attack.
- Evaluate key partners’ ability to withstand DDoS attacks, to ensure minimal outages.
- Stay updated on international cybersecurity threats, as these can impact you no matter where you’re based.
- Develop a DDoS incident response plan, so you’re prepared if a DDoS style cyber-attack does occur.
The arrest of LockBit ransomware gang member reveals widespread cybercrime network
What You Need to Know:
- A Russian national, suspected to be part of the globally infamous LockBit ransomware gang, was recently arrested. LockBit has conducted over 1,700 attacks and extracted more than $91 million in ransom payments over the past three years​3​.
- LockBit’s fast-evolving tactics and its loosely networked structure of criminals across the globe make it a particularly dangerous threat.
What You Need to Do:
- Implement a robust email filtering solution like Microsoft Defender for Office 365, as ransomware is commonly delivered via email attachments or links.
- Test your defenses using periodic emulation plans of adversarial tactics and techniques.
Staying informed and proactive is your best defense in this age of ever-evolving cyber threats. As your cybersecurity partner, we’re here to help you navigate these challenges and provide you with the necessary tools and strategies.
Stay safe, stay vigilant, and let’s continue working together to bolster our cybersecurity posture.