Threat Monitor Annual Report 2023

Hybrid Warfare: Gaza conflict

Throughout the year, the Russia and Ukraine conflict continued. However, the 7th October 2023 saw the Islamic Resistance Movement (Hamas) launch a surprise military operation against Israel. The cyber threat landscape has seen an interesting mirroring of the Russia-Ukraine conflict, with hacktivism at the forefront of the cyber threat. Mostly targeted against Israeli infrastructure, the activity has typically impacted the Availability vector of the CIA triad through Denial of Service (DoS) attacks. Furthermore, adversaries have been targeting Critical National Infrastructure sectors such as Energy and Defence, Telecommunications and Government to have the largest impact for their respective side.

The adversarial groups have also shown a keen interest in, and had relative success with, specific targeting of Industrial Control Systems (ICS), in particular SCADA.

Companies targeted through digital supply chain: File sharing platforms targeted

Throughout 2023, file sharing platforms were exploited across the globe to compromise the organisations using them, enabling data extortion and ransomware attacks. Fortra's GoAnywhere MFT software was targeted early in the year through a zero-day vulnerability tracked as CVE-2023-0669, which was leveraged for remote command execution to deploy ransomware to the userbase. CL0P managed to successfully breach 130 companies and exposed millions of individuals' private data using this vulnerability. This flaw was patched in version 7.1.2. Furthermore, in June 2023, MOVEit was exploited through additional zero-day vulnerabilities tracked as CVE-2023-35708 and CVE-2023-34362. This attack had far-reaching consequences, reaching organisations that were exposed to the tool through their supply chain. It has been documented as the biggest data theft of 2023, with over 2,000 organisations compromised and the data theft impacting 62 million individuals. Patches are available for these vulnerabilities and should be applied.

Supply chains continue to be breached: Capita Breach

In March 2023, Capita, an outsourcing company, suffered a data breach which impacted 90 organisations. Capita suffered an unauthorised intrusion into their Microsoft 365 applications and had Black Basta ransomware deployed to 0.1% of their server estate. The spread was limited by Capita's intervention to stop movement. However, the reputational damage and financial impact have been costly for the company, as they suffered direct cyber incident costs of around £25m. The group's share price dropped 12%, showing the reputational damage of the attack starting to appear in public markets. The costs continue to mount for the company too, as they lost £67.9m for the first six months to June 2023 compared to a profit of £100,000 a year earlier. The company attributed these losses to the fallout of the cyber incident and cannot determine the size of the fine yet. This attack shows the real impact that supply chains can have on organisations and proves the need to hold third parties to the same security standards as your own organisation, which might include standards such as ISO27001.
