TechDogs- "What’s Up With The World Wide Ransomware Attacks?"

Cyber Security

What’s Up With The World Wide Ransomware Attacks?

By TechDogs Bureau

TD NewsDesk

Updated on Mon, Jul 3, 2023

Overall Rating

ATTACK!

There’s no need to duck but you need to be careful as cyber attackers are operating in full swing!

Businesses, schools, universities, government agencies and even individuals have been the latest target of cybercriminals through ransomware.

It’s an extensive and complex issue in cyber security circles; in fact, its entire scope is yet unknown.

Robert Cattanach, a cybersecurity specialist and partner at the law firm Dorsey & Whitney (and a former trial lawyer for the Department of Justice) said, “Nobody knows the full extent of this, and that’s the way these cyber compromises work … Once you’re compromised, there begins an arduous process of ‘how far in did they get in?’ and ‘what did they take?’ That’s typically weeks, and sometimes months.”

Let’s dig in deeper.
 

TechDogs-"Image Of Robert Cattanach, A Cybersecurity Specialist And Partner At Dorsey & Whitney"Source

WHO IS DOING IT?

 
The ruling theory is that the ransomware attacks are conducted by a Russian gang called Clop, which demands multimillion-dollar payments before publishing hacked data.
 
According to CNN, the gang claims to have “information on hundreds of companies” and according to cybersecurity experts, since the gang is listing its victims and asking them to initiate contact shows that they are “overwhelmed” by the number of victims.

Interestingly, though, regarding federal agencies, Clop simply posted, “If you are a government, city or police service do not worry, we erased all your data. You do not need to contact us. We have no interest to expose such information.”
 

HOW IS IT HAPPENING?


Quite simply, Clop exploited a security weakness or vulnerability in MOVEit, a software used by many entities and individuals to transfer data.

Progress Software, the maker of MOVEit, even warned its customers in early June about the vulnerability. After the list of vulnerabilities was discoveries, it led to a range of security patches being released.
 

WHO HAS BEEN AFFECTED?


As of 29th June, it’s reported that there are over 140 victims, but the count is still increasing.
 
Affected agencies include The Department of Energy, Minnesota and Illinois state governments, US Department of Health and Human Services (HHS), the Nova Scotia government and more.

Businesses, organizationsand IT companies include Extreme Networks, Gen/NortonLifeLock, PricewaterhouseCoopers, Ernst & Young, Schneider Electric, Nuance, Sony, Cognizant, BBC, British Airways, Siemens Energy, Boots, Zellis, The University of California–Los Angeles (UCLA), Johns Hopkins University, Georgia University and more.

Moreover, 15.5 million individuals and their personal data, including roughly 3.5 million Oregon driver’s license holders, 6 million Louisiana residents, 2.6 million Genworth Finance clients, etc. are affected.

While the number of victims increases, Eric Goldstein, Executive Assistant Director for Cybersecurity at the US Cybersecurity and Infrastructure Security Agency (CISA) said, CISA “is providing support to several federal agencies that have experienced intrusions affecting their MOVEit applications,” and added, “We are working urgently to understand impacts and ensure timely remediation.”
 

TechDogs-"Eric Goldstein, Executive Assistant Director For Cybersecurity, US Cybersecurity And Infrastructure Security Agency (CISA)"Source

Do you think MOVEit should be held responsible for software defects leading to the wide-scale attacks? Should organizations and agencies use additional security measures? Let us know in the comments below!

First published on Mon, Jul 3, 2023

Enjoyed what you've read so far? Great news - there's more to explore!

Stay up to date with the latest news, a vast collection of tech articles including introductory guides, product reviews, trends and more, thought-provoking interviews, hottest AI blogs and entertaining tech memes.

Plus, get access to branded insights such as informative white papers, intriguing case studies, in-depth reports, enlightening videos and exciting events and webinars from industry-leading global brands.

Dive into TechDogs' treasure trove today and Know Your World of technology!

Disclaimer - Reference to any specific product, software or entity does not constitute an endorsement or recommendation by TechDogs nor should any data or content published be relied upon. The views expressed by TechDogs' members and guests are their own and their appearance on our site does not imply an endorsement of them or any entity they represent. Views and opinions expressed by TechDogs' Authors are those of the Authors and do not necessarily reflect the view of TechDogs or any of its officials. All information / content found on TechDogs' site may not necessarily be reviewed by individuals with the expertise to validate its completeness, accuracy and reliability.

Join The Discussion

- Promoted By TechDogs -

Building AI-First Businesses: A CIO’s Guide To AI Adoption

Join Our Newsletter

Get weekly news, engaging articles, and career tips-all free!

By subscribing to our newsletter, you're cool with our terms and conditions and agree to our Privacy Policy.

  • Dark
  • Light