A zero-day vulnerability in the MOVEit file transfer software was exploited, affecting the supply chains of BA, BBC and Boots.
“By segmenting access, you minimise the amount of data that can be obtained at once, and the malware cannot travel not just inside your systems, but also further up and down your supply-chain to avoid infecting more companies.”
It is common for an initial breach to spread up and down the supply chain of the initial target. Once a criminal is in (whether through spear-phishing, social engineering, brute force or credential attacks), they will be looking for doors that can open onto new victims.
The holy grail is finding a flaw or open door that no one has yet discovered, one that can carry them fast, far and wide into new host systems, much like a virus that finds an unsuspected superhost that will spread it to new host bodies.
This time they found the zero-day vulnerability in the MOVEit Transfer software, which allowed them to spread from Zellis payroll services to their customers, including BA, BBC and Boots.
What can businesses do in terms of protection?
Segment access and encrypt each access, so that if one system (payroll, for example) is infected, the rest of the systems stay safe and the incident can easily be contained.