As Hitachi Energy blames its recent attack by the CLOP ransomware group on a vulnerability in Fortra’s GoAnywhere, BlueVoyant’s Director of External Assessment, Lorri Janssen-Anessi told IT Supply Chain how she believes organisations can avoid similar third-party attacks.
“It is unfortunate to hear of another organisation compromised through a third party. What can you do as an organisation to help prevent the same situation?
First ensure that you are keeping your software, operating systems, and browsers up to date.
Second, if there is a vulnerability announced, such as the vulnerability exploited by the CLOP ransomware group in the attack (CVE-2023-0669 a remote code execution flaw) it is imperative that you patch it immediately. In the case of Hitachi Energy, this vulnerability was disclosed in February after attacks were already noted that were detected and a patch was released a week later. This particular vulnerability was rated with a severity score of high.
Finally, you must act quickly and ensure that your third-party vendors are also attending to patching these vulnerabilities. Sadly, even an organisation with a comprehensive cybersecurity program can fall prey to a ransomware attack if its third-party vendors are not held to the same standard. It is clear that threat actors will continue to exploit these vulnerabilities and in many cases will do so quickly.”