SC Magazine has written an article discussing the unprecedented scope of the MOVEit vulnerability’s exploitation by criminal threat actors, especially the Cl0p ransomware group. Nearly 370 organizations have either been identified as victims by Cl0p or have confirmed that they were victims themselves.
A key piece of data is that at least 93 of those organizations were compromised through a third, fourth, or fifth party supplier, demonstrating why experts are warning of just how long the impacts from MOVEit’s exploitation will linger. John Hammond, a senior security researcher at Huntress, notes that the concern is that there will be “a sort of a trickle-down effect, like a set of falling dominos…[that] can come from simply having data used in other locations, or software integrations or connected applications that bridge technologies,” especially when it comes to organizations who don’t utilize MOVEit Transfer who rely on third-parties who do. Members are highly encouraged to address this concern by coordinating with third-party providers to learn the true scope of the potential indirect risk from exploitation through MOVEit in the months ahead. Read more at SC Magazine.