Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label IT Projects. Show all posts

June 2023 Review: MOVEit Exploit, UK Government’s AI Leadership Goals, NHS’ Controversial IT Project


June 2023 might have been the most thriving month for Cl0P ransomware group. Since March, the Russia-based hackers started exploiting a SQL injection vulnerability in the MOVEit file transfer service, frequently used by large organizations. However, it was not until June that Cl0p’s wreckage became apparent to organizations as cybersecurity firm Rapid7 revealed that some 2,500 incidents of data exposure had occurred online.

The incidents kept getting worse, with more and more organizations revealing that they were attacked by Cl0p. On June 5, a cyberattack on Zellis, a payroll business, affected British Airways (BA), the BBC, and Boots. The hack, which at the time was directly connected to the use of the MOVEit vulnerability, revealed the personal information of thousands of workers (two days later, BA and BBC received the standard ransomware demand from Cl0p.) As of June 15th, First National Bank, Putnam Investments, and 1st Source were among the financial services providers affected, in addition to the oil giant Shell. Though more would surface as the year went on, ransom demands seemed to crescendo at the end of the month, with Cl0p identifying and shaming Siemens Energy and Schneider Electric as the most recent victims of what now appeared to be one of the worst cyberattacks in history.

Also, June was a memorable month for the UK government’s AI goals. On June 8, the government announced their first AI summit, where it provided opportunity to world leaders to discuss regulations for a technology that many believed possessed a potential to either improve or destroy the global economy. 

As a conclusion, risk reduction in regards to AI emerged on top of the agenda. The UK government stated that risks related with “frontier systems, and discuss how they can be mitigated through internationally coordinated action,” were included in the summit’s discussions.

Furthermore, later that month, the government vouched its commitment towards shaping AI safety research by announcing around £50m in additional funding. On June 19, campaign groups Foxglove and the Doctor’s Association UK (DAUK) urged NHS to reevaluate its bid for the Federated Data Platform (FDP), a large IT project intended to connect the disparate data repositories of British health care into a single, cohesive entity.

While rationality in data analysis was a fair aspiration, according to Foxglove and DAUK, they noted that the government’s strategy for winning over the public to the data collecting that the project required was noticeably negligent. That mattered a lot more, they continued, since Palantir, a US tech startup started by an entrepreneur who had a dim view over the NHS, was the prospective winner of the FDP contract (the prediction that later turned out to be true).

Foxglove further notes that from the analysis they ran over the matter, it turned out that a huge chunk of the public would be against the project centred around the operations of healthcare services to be managed by a private organization. Therefore, making it unlikely for the FDP to be able to provide useful insight into the population's health, among other insights, claimed by its supporters.  

Sophos Says Nearly Every Company Was Attacked Last Year

 


Organizations are constantly bombarded with malicious activity, suffering negative impacts. In the State of Ransomware 2022 report, published by Sophos, a global leader in next-generation cybersecurity, a comprehensive overview of the real-world ransomware experiences of consumers has been provided to the public. According to the report, ransomware-affected organizations increased 66% from 37% in 2020 to 66% in 2021. 

For organizations, cyberattacks are not a matter of chance but something that must be prepared for daily. As per a recent survey released by Sophos on Tuesday, almost all organizations (94%) have suffered from some form of a cyberattack within the last year. 

Researchers warned companies to prepare themselves for being targets by 2023. Organizers are reeling under the constant barrage of malicious activity perpetrated against them. Several threats that face businesses today have become too advanced for them to respond to themselves and deal with on their own. In most cases, organizations report that cyber threats negatively impact their ability to complete IT projects on time or devote time to strategic issues. 

As a result of the most significant ransomware attack on an organization that encrypts data, the average ransom paid by the company has nearly fivefold increased to $812,360. The percentage of companies paying $1 million in ransoms has increased threefold. 

According to John Shier, field CTO of commercial at Sophos, "Many organizations are overwhelmed with routine operational responsibilities as well as strategic initiatives." Consequently, they react to what is happening around them and cannot improve their situation. This is because they are constantly on their backs. After all, they are continually distracted by the present. 

Approximately 5,600 mid-size companies in 31 countries in Europe, the Americas, Asia-Pacific, Central Asia, the Middle East, and Africa share details regarding ransomware payments in the report. It contains information about ransomware attacks on 5,600 mid-size companies in 31 countries overseas. Based on a survey conducted in 14 countries over three months, the report was compiled. There were two surveys conducted in January and February of this year. 

Almost all responders (93%), said they found many of the essential security operations tasks challenging, and only half of the security alerts are investigated by their security teams. According to the survey results, three-quarters of respondents had difficulty identifying the root cause of cyberattacks. 

According to the State of Ransomware 2022 global survey, which examines ransomware incidents in 2021, and cyber insurance issues related to them, the following are the main findings: 

An increase in ransom payments - in 2021, 11% of organizations paid a ransom of $1 million or more, a substantial increase from the 4% that incurred this ransom in 2020. On the other hand, the number of organizations paying less than $10,000 dropped from 34% in 2020 to 21% in 2021.

In 2021, 46% of victims affected by ransomware attacks that encrypted their data paid a ransom in compensation for the loss of their data. 26 percent of organizations paid a ransom to obtain encrypted data in 2021 after restoring data from backups. 

Ransomware attacks pose many risks. Recovery from the latest ransomware attack in 2021 cost an average of $1.4 million per computer, which was the cost of the latest attack. Recovery from the damage and disruption took about a month as a result of the incident. The attack affected six out of 10 organizations in operations, with ninety percent saying it disrupted their operations. The private sector made up 86% of the victims of the attack, with the majority of them having lost revenue or business as a consequence.

To recover from a ransomware attack, organizations often depend on cyber insurance to cover the costs incurred by the organization. According to the survey, 83% of mid-sized companies were protected by cyber insurance in a ransomware attack. In 98% of these incidents, the insurer paid at least a portion (40 percent covered the ransom payment). 

According to the research, ninety-four percent of cyber insurance owners have seen a change in their experiences in the past year, when compared with the year before. It has been found that cybersecurity measures have been increasingly imposed as a result of increasing demands, complicated or expensive policies, and fewer organizations offering insurance coverage. 

It is reported that, according to the survey of IT and cybersecurity leaders, there are five cyber threats of particular concern: data theft, phishing, ransomware, extortion, and DDoS attacks. This year, only 1% of IT leaders say they are not worried about cyberattacks affecting their organizations shortly.