Cyber extortion activity has reached a new high in the first quarter of 2023 and the recent MOVEit data breach is a stark reminder that threat actors are always on the lookout to wreak havoc. In this case, companies using the MOVEit software became potential targets as it appears that hackers affiliated with the Cl0p group orchestrated a mass attack to find and compromise their servers.
Large organisations accounted for a staggering 36% of all victims in 2022, so it is not surprising that they are becoming a preferred target for cyber extortion, given that they handle thousands of pieces of personal data. Whilst this remains true in the case of the MOVEit breach, medium- and small-sized organisations are not safe either, as cyber criminals are opportunistic by nature. Cl0p is one of several such cyber extortion groups.
In 2022, Orange Cyberdefense monitored 69 active threat actor groups, 38 of which operated a leak site on the dark web to extort their victims. Cl0p is only responsible for around 1% of the victims we were able to identify, and they appear to have focused on stealing data, rather than encrypting computers. Highly sensitive data, such as employee contacts or bank details, can easily be leveraged by hackers, and demanding a ransom payment to retrieve the data instead of making it publicly available can offer significant financial benefit.
It is also worth mentioning that the criminals have already made a general call to companies deploying the MOVEit software to make themselves known and begin negotiations in exchange for data. This represents a classic case of cyber extortion, which is becoming a more prevalent issue, adding extra pressure on already strained security teams.
While we see positive developments in organisations and global governments cracking down on cybercrime, there’s more that still needs to be done. Industry-wide collaboration will prove crucial in lowering the risks of another wide-scale data breach. Sharing information about threats and attacks will help organisations be prepared to mitigate any upcoming risks and achieve a more secure future.