Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

Tuesday, 20 June 2023 / Published in Woo on Tech

Multiple organizations breached in massive exploit


A Russian-backed ransomware gang known as “Cl0p” has put about 50 notches in its belt in the past two weeks by exploiting several vulnerabilities in a Managed File Transfer (MFT) platform called MOVEit. Though you might never have heard of MFTs or MOVEit, you are probably very familiar with Dropbox, Google Drive and OneDrive, all of which feature the ability to share files with others (i.e., MFTs) as part of their overall service. MOVEit is purchased by organizations that want to set up their own private file-sharing service, and one of its distinctive features is that it is premise-based and not cloud-based. Even now many organizations believe that “rolling your own” on-premise services is more secure than putting everything in the cloud, but this batch of breaches is proving the exact opposite.

What this means for you

Fifty seems like an impressive body-count, and those are only the ones we know about. According to security researchers, Cl0p may have been probing weaknesses in MOVEit implementations as far back as 2021. The group is following the usual extortion playbook – they are threatening to release the stolen data unless their demands are met, though in several instances they seem to be walking a careful path to steer clear of extorting entities that might draw literal crosshairs on their backs. While Cl0p seemed proud to enumerate the US Department of Energy on its list of victims, it said in a statement that it would not be exploiting any data taken from government agencies and that such data would be erased, presumably to avoid global politics (and “lettered agency” involvement) getting in the way of profits.

The key takeaway for us smaller targets is that premise-based systems are no more secure than cloud-based systems. In this particular case, because onsite systems require active monitoring and maintenance by trained professionals to stay secure, this becomes a fundamental weakness if the organization cannot maintain the premise system as well as a cloud-based (and centrally managed) platform is maintained. Most on-premise platforms are far from the “set and forget” applications of previous decades, and any internet-facing system like an MFT requires constant policing, something that most companies are ill-suited to provide or even afford.

Image courtesy of David Castillo Dominici at FreeDigitalPhotos.net
