Cyber SafetyIdentity & AccessPress ReleaseThreat Detection & Defense

Data Breaches Are Inevitable, Preparedness Is Key

Photo of CSA Editorial CSA Editorial Send an email June 15, 2023
1 minute read

MOVEit, the file transfer software, was compromised with a zero-day attack that went undetected, dating back to 27th May. The vulnerability was exploited to upload a web shell onto the MOVEit Transfer server. This also allowed threat actors to enumerate files and folders on the MOVEit Transfer server, read configuration information, download files, and create or delete MOVEit server user accounts.

Palo Alto Networks has published a blog post on how and why this compromise occurred. It was revealed that at least 2,377 servers had been exposed through this leak, and the organisations engaged with MOVEit’s services have been impacted by the result of the hack.

Unfortunately, even a renowned insurance company was a victim of this nefarious exploit. The organisation acted swiftly and promptly to resolve the vulnerability discovered in the MOVEit software by patching and updating its defence measures. By swiftly informing affected customers and providing urgent support, they have gone above and beyond. Reporting a data breach on this scale, where there are no legal requirements, should be commended and should be the norm.

“This tragedy serves as a poignant reminder to businesses that data breaches happen not if but when. Even with the most advanced cybersecurity measures in place, persistent threat actors will keep trying to get past defences. Hence, it becomes paramount for organisations to prepare for the worst-case scenario and craft comprehensive recovery plans to minimise the impact of such breaches.” said Vicky Ray, Principal, Unit 42 Threat Intelligence, JAPAC, Palo Alto Networks. By combining persistence, vigilance, and strategic planning, businesses can navigate the treacherous digital landscape with greater resilience and emerge stronger in the face of adversity. Some recommendations include:

  • Educate and promote safe practices to empower employees as the first line of defence
  • Prepared for any eventuality through strategic planning, prudent resource allocation, and well-crafted incident response plans
  • Setting up routine security assessments and audits can help you realise the full potential of your security posture.
  • Staying vigilant and constantly informed of the ever-changing cyber threat landscape to stay ahead of the curve and thwart potential threats.
Tags
Photo of CSA Editorial CSA Editorial Send an email June 15, 2023
1 minute read
Photo of CSA Editorial

CSA Editorial

Launched in Jan 2018, in partnership with Cyber Security Malaysia (an agency under MOSTI). CSA is a news and content platform focusing on key issues in cybersecurity in the region. CSA is targeted to serve the needs of cybersecurity professionals, IT professionals, Risk professionals and C-Levels who have an obligation to understand the impact of cyber threats.

Related Articles

Financial Phishing

Financial Phishing Continues to Be Menace to SEA Companies—Kaspersky

November 28, 2024
Keeper Security

Williams Racing Chooses Keeper Security to Safeguard Data in Formula 1’s High-Stakes, Data-Driven World

November 28, 2024
resilient cybersecurity frameworks

Beyond Legislation: How Businesses Can Build Resilient Cybersecurity Frameworks

November 28, 2024
Tanium Automate

Sleepless Nights & Security Gaps: Why Automation Is Your Cybersecurity Ally

November 27, 2024

Leave a Reply

Your email address will not be published. Required fields are marked *

(c) Asia Online Publishing Group 2024 - Media and PR enquiries - editor@aopg.net