The MOVEit mass hacks hold a valuable lesson for the software industry

The MOVEit mass hacks will likely go down in history as one of the largest and most successful cyberattacks of all time.

By exploiting a vulnerability in Progress's MOVEit managed file transfer service, used by thousands of organizations to securely transfer large amounts of often-sensitive files, hackers were able to inject SQL commands and access customers' sensitive data. The attack exploited a zero-day vulnerability, which meant Progress was unaware of the flaw and did not have time to patch it, leaving its customers largely defenseless.

The Russia-linked Clop ransomware group, which claimed responsibility for the hacks, has been publicly listing alleged victims since June 14. This growing list includes banks, hospitals, hotels, energy giants and more, and is part of an attempt to pressure victims into paying a ransom demand to stop their data from spilling online. In a post this week, Clop said it would leak on August 15 the “secrets and data” of all MOVEit victims that refused to negotiate.

This wasn't Clop's first mass hack, either; the group has been blamed for similar hacks targeting Fortra and Accellion's file-transfer tools.

According to Emsisoft's latest statistics, the MOVEit hack has affected at least 620 known corporate victims and more than 40 million individuals. Those numbers have increased almost daily since the hacks began.

But how high could the numbers go? “It's impossible to assess at this point,” Brett Callow, a ransomware expert and threat analyst at Emsisoft, told TechCrunch+. “We don't yet know how many organizations were impacted or what data was compromised.”

Callow pointed out that around a third of the known victims were impacted via third parties, and others were compromised via subcontractors, contractors or vendors. “This complexity means it's highly likely that some organizations that have been impacted don't yet know they've been impacted,” he said.

While the impact of this hack is unusual because of its scale, the attack isn't new in terms of its approach. Adversaries have long exploited zero-day flaws, and supply chain attacks have grown prevalent in recent years because one exploit can potentially affect hundreds, if not thousands, of customers.

This means that organizations need to act now to ensure they don't fall victim to the next mass hack. 

Picking up the pieces

For victims of the hacks, it may seem like the damage has already been done and recovery is impossible. But while recovering from an incident like this can take months or years, affected organizations need to act fast to understand not only what types of data were compromised, but also their potential violations of compliance standards or data laws.

About Author

Carly Page
