Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

C2 provides technology services and consultation to businesses and individuals.

T (818) 584 6021
Email: info@c2techs.net

C2 Technology Partners, Inc.
26500 Agoura Rd, Ste 102-576, Calabasas, CA 91302

Open in Google Maps
QUESTIONS? CALL: 818-584-6021
  • HOME
  • BLOG
  • SERVICES
    • Encryption
    • Backups
  • ABOUT
    • Privacy Policy
FREECONSULT
Tuesday, 20 June 2023 / Published in Woo on Tech

Multiple organizations breached in massive exploit

Data Breach

A Russian-backed ransomware gang known as “Cl0p” has put about 50 notches in its belt in the past two weeks by exploiting several vulnerabilities in a Managed File Transfer (MFT) platform called MoveIt. Though you might never have heard of MFTs or MoveIt, you are probably very familiar with DropBox, Google Drive and OneDrive, all of which feature the ability to share files with others (ie. MFTs) as part of their overall service. MoveIt is purchased by organizations that want to set up their own private file sharing service and one of the distinctive features of MoveIT is that is premise-based and not cloud-based. Even now many organizations believe that “rolling your own” on-premise services is more secure than putting everything in the cloud, but this batch of breaches is proving the exact opposite.

What this means for you

Fifty seems like an impressive body-count, and those are only the ones we know about. According security researchers, Cl0p may have been probing weakness in MoveIt implementations as far back as 2021. The group is following the usual extortion playbook – they are threatening to release the stolen data unless their demands are met, though in several instances they seem to be walking a careful path to steer clear of extorting entities that might draw literal crosshairs on their backs. While Cl0p seemed proud to enumerate the US Department of Energy on its list of victims, it said in a statement that it would not be exploiting any data taken from government agencies and that such data would be erased, presumably to avoid global politics (and “lettered agency” involvement) getting in the way of profits.

The key takeaway for us smaller targets is pointing out that premised-based systems are no more secure than cloud-based systems, and in this particular case, because onsite systems require active monitoring and maintenance by trained professionals to stay secure, this becomes a fundamental weakness if the organization cannot maintain the premise system as well as a cloud-based (and centrally managed) platform. Most on-premise platforms are far from the “set and forget” applications of the previous decades, and any system that is internet-facing like MFTs require constant policing, something that most companies are ill-suited to provide or even afford.

Image courtesy of David Castillo Dominici at FreeDigitalPhotos.net

  • Tweet

What you can read next

Warning!
Router backdoors hidden but still usable
ID-100144458.jpg
Your business isn’t too small to be targeted
Email in 2020

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recent Posts

  • Update your tech vocabulary for 2023

    If there is one thing that the Internet excels ...
  • We sold our souls, but not how you might think.

    Part of an occasional series of articles that d...
  • “Low on Cyan.”*

    If you catch me at the end of a frustrating day...
  • GPTBot starts crawling the web. Resistance is futile.

    I know some of you are Trekkies, and even if yo...
  • Surprise, surprise. Hackers are using AI to bolster their attacks.

    The FBI held a press conference last week to co...

Archives

  • GET SOCIAL
Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

© 2016 All rights reserved.

TOP