News
Ransomware volumes at record high after Clop’s MOVEit attacks - IEEE comments
September 2023 by Kevin Curran, IEEE senior member and professor of cybersecurity at the University of Ulster
MOVEit attacks have driven ransomware attacks to a record high, according to statistics collected by NCC Group’s global threat intelligence team*. In July, the number of attacks increased by 150 percent, compared to July 2022. The bulk of attacks stemmed from the exploitation of a vulnerability in Progress Software’s MOVEit managed file transfer product. To date, the attacks have impacted around 750 organisations and between 42-47 million individuals.
Kevin Curran, IEEE senior member and professor of cybersecurity at Ulster University, comments on the practical steps companies can take to ensure that a similar incident doesn’t happen to them:
c boguslaw mazu
"WannaCry was one of the first worldwide cyberattacks to establish ransomware as a major cyberthreat vector. Since then, the threat landscape has shifted considerably. Attacks have grown in sophistication and threat actors have gone to a great effort to remain under the radar of leading AV solutions. Although most organisations will have built policies and procedures which protect individuals and the organisations infrastructure, it is unlikely that they have this level of contingency plans in place. Companies may need to rely on a more holistic view of cyber security, in which safeguards are applied across all relevant systems and end-point devices.
“Any systems which provide externally facing data must be robust in their authentication mechanisms and have protections in place to limit security risks. The traditional security model, which assumes that all elements ’inside’ the network can be trusted, is no longer fit for purpose. However, there are steps that enterprises can make to better protect themselves from these kinds of threats. The zero-trust model works from the premise that no user internal or external to the network, can be trusted by default. All requests have to be authenticated regardless of location, limiting access within network segments therefore reducing vulnerabilities.
“This model has arisen in part because enterprises no longer tend to host data in-house, but rather through a variety of platforms and services which reside both on and off premise with a host of employees and partners accessing applications via a range of devices in diverse geographical location. There is also what is known as privacy enhancing technologies (PET). These are technologies that embody fundamental data protection principles by maximising data security and empowering individuals, as well as minimising personal data use. There are challenges when embedding these policies, as they are reliant on strong governance processes to secure an enterprise IT environment.”
