header image

Cyber Intelligence Briefing: 9 June 2023

Miles Arkwright, James Tytler 9 June 2023
9 June 2023    Miles Arkwright, James Tytler

CYBER SECURITY INSIGHTS REPORT 2022

We reveal the challenges faced by C-suite professionals and senior IT leaders across three key areas of cyber security – budgets, incidents and insurance.

Download Report

The S-RM Cyber Intelligence Briefing is a weekly round-up of the latest cyber security news, trends, and indicators, curated by our intelligence specialists.

top NEWS stories this week

  1. MOVEit. Cl0p gives “hundreds” of victims 14 June deadline to negotiate after mass data theft.  
  2. Dark clouds. Toyota Motor suffers a data breach due to cloud misconfigurations. 
  3. Top secret! Government contractors Casepoint and Xplain investigate breaches.  
  4. Return to sender. Hacktivist group claims ownership for Office 365 downtime. 
  5. School's out for summer. Leytonstone School forced to close after cyber incident. 

1. CL0P GIVES MOVEIT DATA THEFT VICTIMS 14 JUNE DEADLINE TO NEGOTIATE

The Russia-linked ransomware group Cl0p has taken responsibility for a major ongoing cyber attack that targeted the popular file sharing platform MOVEit. The group claims to have stolen data from “hundreds” of companies, including British Airways, BBC, and Boots. Victims are being given until 14 June to begin negotiations. 

MOVEIT EXPLOIT: FAQS AND REMEDIATION ADVICE

      

SO WHAT?

If you are concerned about your organisation’s exposure to the MOVEit zero-day vulnerability, implement the following remediation measures and contact S-RM.

 

 

2. CLOUD MISCONFIGURATION LEADS TO TOYOTA DATA BREACH

Toyota Motor, the Japanese car manufacturer, has reported that the data of 260,000 customers from Asia and Oceania has been exposed due to misconfiguration of the cloud environment. The breach consisted of sensitive data such as names, addresses, and vehicle registration numbers, alongside in-vehicle device IDs 

 

                                           

SO WHAT? 

Organisations should ensure that appropriate and comprehensive change and configuration management procedures, that include defined roles and responsibilities, are in place.

 

 

3. GOVERNMENT CONTRACTORS CASEPOINT AND XPLAIN HIT BY CYBER ATTACKS 

  • ALPHV/BlackCat ransomware group claims to have stolen 2TB of sensitive data from Casepoint, a US-based legal discovery tech firm whose clients include the US Department of Defense and Securities and Exchange Commission. The stolen data allegedly includes internal documents, legal records, and login credentials. 

 

                                           

 SO WHAT?

Organisations handling sensitive data should conduct regular security assessments, including penetration testing, to identify vulnerabilities and proactively mitigate threats.

 

 

4. HACKTIVIST GROUP CLAIMS RESPONSIBILITY FOR RECENT OFFICE 365 OUTAGE

Hacktivist group Anonymous Sudan has claimed responsibility for a service outage this week which disrupted Microsoft Office 365, including inbound and outbound emails on Outlook. The Russia-linked group claims to have launched a DDoS attack on the organisation in retaliation for US government interference in Sudanese political affairs.  

 

    

 SO WHAT?

Russian state-linked threat actors have repeatedly threatened to target large Western organisations. Being proactive about threat intelligence will help to inform your cyber security approach to protect your business.

 

 

5. LEYTONSTONE SCHOOL REMAINS CLOSED AFTER CYBER INCIDENT 

A school based in Leytonstone, London, has remained closed since last week’s half term holiday, after experiencing a critical incident that resulted in unauthorised access to the school's network. The school was legally unable to reopen due to staff vetting checks becoming inaccessible.  

 

    

SO WHAT?

Disruption to data availability following a cyber attack can have unforeseen operational consequences. Ensure you have redundancy measures in place for key resources as part of a business continuity plan.

 

 

 

Cyber Intelligence Briefing

To discuss this article or other industry developments, please reach out to one of our experts.

Miles Arkwright
Miles arkwright Associate, Cyber Security Email Miles
James Tytler
James tytler Associate, Cyber Security Email James

CYBER SECURITY INSIGHTS REPORT 2022

We reveal the challenges faced by C-suite professionals and senior IT leaders across three key areas of cyber security – budgets, incidents and insurance.

Download Report