1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Most data breaches on enterprise attack the supply chain

    From TechnologyDaily@1337:1/100 to All on Wed Feb 28 11:45:06 2024
    Most data breaches on enterprise attack the supply chain

    Date:
    Wed, 28 Feb 2024 11:33:14 +0000

    Description:
    Cl0p, with its MOVEit campaign, is still making headlines.

    FULL STORY ======================================================================

    The vast majority of data breaches happening in the enterprise occurred through the software and technology supply chain.

    This is according to the Global Third-Party Cybersecurity Breach Report, a
    new research paper published by the SecurityScorecard security organization.

    As per the report, 75% of all third-party breaches targeted the software and technology supply chains, mostly because threat actors can scale their operations with minimal effort that way. The States in focus

    Whats more, 75% of organizations are at the highest levels of maturity, as their third-party risk programs have been manual as of 2021. Companies must work toward automating vendor identification and cyber risk management across their entire digital ecosystem, the researchers concluded.

    Its worth noting that the majority of all these breaches analyzed for the report were related to the MOVEit managed file transfer software. This
    product was found vulnerable in a way that allowed threat actors to
    exfiltrate sensitive data from its users.

    Almost two-thirds (61%) of all third-party breaches were attributed to
    MOVEit. To make things worse, 64% of all third-party breaches were linked to Cl0p, the ransomware operators who were said to be the first ones to exploit the MOVEit flaw. LockBit, another infamous ransomware operator, took up just 7%.

    Of all the different industries, the healthcare vertical was most affected by third-party breaches, making up 35% of all attacks. Healthcare-related data
    is highly prized by hackers.

    Leaking it can cause all kinds of problems to the organization it was stolen from, which makes them more inclined to pay a potential ransom demand. Alternatively, threat actors can sell it well on the dark web.

    Finally, two-thirds (64%) of all third-party breaches happened in North America, of which - 63% in the United States. SecurityScorecard does stress that this data may be somewhat skewed, as both the media and the security industry is overwhelmingly focused on English-speaking countries, and the US specifically. More from TechRadar Pro The MOVEit breach may well have been
    the biggest cyberattack of the year Here's a list of the best firewalls
    around today These are the best endpoint security tools right now



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/most-data-breaches-on-enterprise-attack -the-supply-chain


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)