Summer is here, and things are heating up in the cybersecurity sphere. June saw a third-party vulnerability spiral into the furthest-reaching cyber attack of the year thus far, while separate attacks cut into summer plans for gamers, vacationers, and commuters alike. ?
June’s Biggest Cyber Attacks
MOVEit Data Is on the Move?
June¡¯s biggest data breach is one that will continue to reverberate, as the MOVEit cyber attack is shaping up to be one of the most consequential in recent memory. MOVEit is a widely used file-transfer system designed to consolidate an organisation¡¯s transfer activities into a single tool.
Starting on Memorial Day weekend, thieves exploited a zero-day vulnerability in the software to steal data from a dizzying range of organisations around the world in attacks that one security expert called the online equivalent of .?
MOVEit parent company Progress Software reported the breach on 31 May and issued a patch for the exploit, but many companies did not install the fix quickly enough to avoid a breach. While it was clear from the start that the exploit was widespread, the scope continued to balloon throughout the month of June.
In the middle of the month, the Russian-speaking hacker group Clop began whose data was stolen in the attack. as June drew to a close, with no obvious end in sight.??
The list of victims so far includes governmental departments, major tech companies, educational institutions, and many more. Among the confirmed breaches are:?
- ?
- ?
- ?
- ?
- ?
- ?
- ?
- ?
- ?
- ?
- ?
- ?
- ?
- ?
- ?
With the Clop group still demanding ransom payoffs and more victims emerging by the day, this seems to be a situation that will impact the cybersecurity world for many months to come.
Records Exposed: Total scope is unknown, but includes personally identifiable information for customers and employees, as well as business and operational documents.
Type of Attack: Third-party security exploit
Industry: You name it, Clop breached it
Date of Attack: 27 May 2023 ¡ª Ongoing
Location: Worldwide, likely originating from a Russian-speaking region
Key takeaway: The MOVEit breach is one of the clearest illustrations of just how wide-reaching a single cybersecurity incident can be.
What initially appeared to be a fairly small-scale attack has now snowballed into a major data heist that touched organisations of all sizes, in all walks of business and government, and in nearly every corner of the globe. It¡¯s also a reminder for organisations to act quickly when third-party providers issue patches and fixes to known security issues. MOVEit and Progress Software acted swiftly in sending out a patch, but many organisations did not take advantage of it in time to prevent a data theft.?
Hackers Cause Trouble at the Pumps for Canadian Drivers??
A cyber attack on Canadian energy giant SunCor left cashless motorists¡¯ tanks empty in late June. Credit card readers at Petro-Canada stations went down across the country following a 24 June breach, leaving locations to operate on a cash-only basis. Customers were also locked out of the company¡¯s apps and online accounts, denying them access to points and rewards programs. Some SunCor employees also reported difficulty accessing internal accounts. ?
Although services were within a few days, an outage during a busy summer travel weekend created headaches and chaos across Canadian roadways. Some customers who weren¡¯t carrying cash reported and having to be towed to another station. One cybersecurity expert even compared the to last year¡¯s devastating Colonial Pipeline breach.
At the time of this writing, the full nature of the attack and any potential culprits had not been disclosed, but it bears many earmarks of a ransomware incident.?
Records Exposed: Unknown. Credit and debit card services disrupted, apps and rewards programs taken offline.?
Type of Attack: Possible ransomware?
Industry: Energy?
Date of Attack: June 24, 2023?
Location: Canada?
Key takeaway: Cybersecurity incidents that cause mostly internal damage are bad enough, but the fallout from a public-facing breach can be all the more impactful. In this case, SunCor found itself battling to not only rectify the cyber attack within its own systems, but also responding to confused and angry customers across the country. That kind of multi-pronged dilemma can be extremely costly from both a tech and a public relations standpoint.??
Blizzard Gamers Get Frozen Out By DDoS?
Some of the biggest titles in online gaming were out of commission over a busy summer weekend after a . Gamers eager to engage with massively popular games such as ¡°World of Warcraft,¡± ¡°Call of Duty,¡± and ¡°Diablo IV¡± found themselves frozen out from signing in to their accounts for much of the day on 25 June. ?
The Activision Blizzard servers that authenticate users were from unknown attackers, creating a logjam that essentially rendered many Blizzard titles unplayable. Blizzard acknowledged and apologized for the outage on social media, and notified gamers when the attacks eventually stopped.
As of this writing, no organisation has taken credit for the DDoS incident, although some industry observers have pointed to Activision Blizzard¡¯s long record of corporate controversies .??
Records Exposed: N/A?
Type of Attack: Direct denial of service?
Industry: Gaming and entertainment?
Date of Attack: 25 June 2023?
Location: Santa Monica, California?
Key takeaway: While this service outage will probably be nothing but a blip for Activision Blizzard, the revenues lost from even a brief shutdown are substantial.
The gaming industry attracts a large number of tech-savvy users, which can create problems when those customers feel wronged or slighted. That makes vengeance-minded attacks ¡ª of which this may be one ¡ª a constant concern for companies like Blizzard.?
No matter your level of online activity, the odds are good that you dealt with a company or organisation that was impacted by one of June¡¯s biggest cyber attacks. This should stand as a reminder that no business is immune to the pervasive reach of cybercrime, and that a proactive posture is more effective than reacting after the fact.?
Learn more about?common attack vectors and how to keep your organisation safe.?
Explore the cybercrime ecosystem?and understand how partnering with a security operations provider can stop attacks before they begin.??
