8/9/2023 0 Comments Attack of the unknown![]() The BBC was among the organisations successfully hacked. In supply-chain attacks, cybercriminals target one organisation by attacking an external provider they use. ![]() This suggests these cybercriminals have learned from previous supply-chain attacks, and are experimenting with making the strategy commercially viable. Unlike many previous types of attack, particularly those that have employed ransomware, in this case the criminal group launched a mass attack and waited for individual organisations to fall prey, then sought to exploit each one in turn. Responsibility for the attack was claimed by the Russia-linked “cl0p” group, which has since issued an ultimatum to the affected organisations – asking for money unless they want the stolen data to be released on the dark web. Since Zellis is the main payroll service provider to these organisations, it is easy to trace how this incident started. Zellis confirmed a “small number” of customers had been affected, adding that it had disconnected the server using Moveit as soon as it became aware of the incident. ![]() ![]() This allowed hackers to compromise Zellis, a trusted supplier of services to BA, the BBC, Boots and others. It involved what’s called a “ zero-day exploit”, a piece of computer code that takes advantage of a previously unknown vulnerability. The recent attack was against a piece of software called Moveit, which is used to transfer computer files from one location to another. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |