PRESS

MyCena® in the news

BA, BBC and Boots hit by zero-day vulnerability attack

By MyCena | Posted on: 13 September 2023

A zero-day vulnerability in the MOVEit file transfer software was exploited, affecting the supply chains of BA, BBC and Boots.

Julia O'Toole, CEO of MyCena Security Solutions, says: “When it comes to protection against these threats, segmenting and encrypting access is essential.”

“By segmenting access, you minimise the amount of data that can be obtained at once, and the malware cannot travel not just inside your systems, but also further up and down your supply-chain to avoid infecting more companies.”

It is common for an initial breach to spread up and down the supply chain of the initial target. Once a criminal is in (whether through spear-phishing, social engineering, brute force or credential attacks), they will be looking for doors that can open onto new victims.

The holy grail is finding a flaw or open door that no one has yet discovered that can carry them fast, far and wide into new host systems; similar to a virus that found an unsuspected superhost that will spread it to new host bodies.

This time they found the zero-day vulnerability in the MOVEit Transfer software, which allowed them to spread from Zellis payroll services to their customers, including BA, BBC and Boots.

What can businesses do in terms of protection?

Segment access and encrypt each access, so that if one system is infected, for example payroll, the rest of the systems are safe, while the incident can easily be contained.

How to build your cyber fortress

By MyCena | Posted on: 11 May 2023

The ancient Greeks taught us many things. Thousands of years later, we still apply Greek wisdom to things like government, teaching and law. And, according to MyCena Security Solutions CEO Julia O’Toole, there are still lessons to be learned in the cybersecurity world. O'Toole explains how ancient Greek architecture can provide lessons for building a strong defence against modern ransomware attacks. Highlighting the city of Mycenae, known for its robust walls and layered security, as inspiration, O'Toole emphasises the speed and vulnerabilities associated with modern ransomware attacks, criticising the reliance on single access tools and employee-created passwords. Instead, companies should learn from the ancient Greeks – implementing segmented access with unique encrypted passwords at different levels to create an impregnable fortress for their digital assets.

EU to enforce tougher rules on big tech

By MyCena | Posted on: 11 May 2023

The proposed EU certification scheme (EUCS) has taken another step closer to being implemented. The new law aims to ensure cybersecurity for cloud services and guide EU governments and companies in selecting reliable vendors. The EU's focus on cloud services is intended to protect sensitive data that could have significant consequences for public safety, human life, health, and intellectual property if compromised. But there are potential hurdles to overcome. While the EU wants to safeguard data rights and privacy, there are concerns about fragmentation of the single market as individual countries can implement the rules at their discretion. Similarly, these measures face criticism from US tech giants, such as Google, Amazon and Apple, concerned about potential exclusion from the European market.

Counting the cost of password resets

By MyCena | Posted on: 11 May 2023

Recent research shows that 56% of FTSE 100 employees reset their passwords monthly, costing over $1.7 billion annually. The cost of these password resets is estimated to be around $70 per reset, resulting in a total cost exceeding $156 million per month for the FTSE 100 alone. Julia O'Toole, CEO of MyCena Security Solutions, suggests that businesses should take control of their own access and passwords to eliminate the need for password resets. O’Toole emphasises that when employees know their passwords, companies are vulnerable to phishing attacks – a major cause of data breaches. To address password resets, businesses can regain control through access segmentation and encryption management solutions that generate strong random passwords for all systems, which are encrypted and distributed to employees. By implementing such solutions, businesses can eliminate password resets, reduce security risks, and save millions of dollars per year.

AI a growing threat to cybersecurity

By MyCena | Posted on: 11 May 2023

During the recent RSA cybersecurity conference, experts and officials expressed concerns about the use of artificial intelligence (AI) by cyber criminals. Criminals are using AI to automate personalised phishing attacks across email, voice and encrypted channels like WhatsApp. They’re also creating more sophisticated and believable disinformation campaigns. Experts fear that AI-powered software will enable attackers to breach corporate networks, disguise themselves to evade detection and extract data undetected. To fight against the growing threat, companies should ensure their systems don’t make an easy target for bad actors. Key defences include strong, unique passwords, system segmentation and ongoing employee education. Should a phishing attempt succeed, the defences are then designed to limit the damage as much as possible.

Dragos discloses ransom attempt

By MyCena | Posted on: 11 May 2023

Cybersecurity company Dragos recently experienced a security incident where a known gang breached defences and attempted to encrypt devices. Although the threat actors failed to breach Dragos' network or cybersecurity platform, they did gain access to the company's SharePoint cloud service and contract management system. The breach occurred after the personal email address of a new sales employee was compromised before their start date, with the attackers downloading data and intelligence reports typically reserved for customers. Dragos responded by disabling the compromised account, asserting that their layered security controls successfully prevented the threat actors from executing their objective of launching ransomware. The attackers were also unable to move laterally, escalate privileges, establish persistent access, or make any changes to Dragos' infrastructure.