Security Breach – 30 Aug 2024

supply chain

30 Aug Security Breach – 30 Aug 2024

Posted at 13:13h in Security Breach, TCT News by

The software supply chain has increasingly become a target for cybercriminals, posing severe risks to businesses and organisations worldwide. A recent study by BlackBerry revealed that more than 75% of software supply chains have experienced cyberattacks in the last 12 months. As software development becomes more complex and interconnected, the supply chain becomes more vulnerable to attacks, especially those exploiting zero-day vulnerabilities. A deep exploration of the growing trouble in the software supply chain and how zero-day exploits exacerbate these risks can give IT professionals a clearer picture of this problem and how to mitigate it.

The software supply chain encompasses the entire ecosystem of third-party software, libraries and tools that developers use to create applications. This includes everything from open-source components to proprietary software provided by vendors. As companies integrate more third-party code, the attack surface expands, giving cybercriminals more vulnerable entry points into your system. The impact of a software supply chain attack can be devastating, with a cascade of damage that hits many organisations. In such cases, attackers compromised trusted software providers, inserting malicious code that was then distributed to thousands of customers. The consequences of supply chain attacks can affect businesses in multiple ways.

Recent Breaches

 

Australia – Meli – Non-Profit

Exploit: Ransomware

Risk to Business: Moderate: Meli, a community support service based in North Geelong, has confirmed it was targeted in a cyberattack, which is under investigation. The Qilin ransomware group claimed responsibility, stating they stole 419,617 files (215 GB of data) in the August 21 attack. The group posted 14 screenshots of stolen documents, including financial statements, confidentiality agreements, passports and a Medicare card, to prove their claim. Meli’s client services remain unaffected, though some internal processes are impacted. Authorities, including Victoria Police and the Australian Cyber Security Centre, have been notified.

 

Japan – Toyota – Carmaker

Exploit: Third Party (Misconfiguration)

Risk to Business: Moderate: Toyota revealed that a misconfigured cloud bucket exposed over 2.15 million customer records to the open internet for over 10 years, from November 2013 to April 2023. The breach affects customers of Toyota’s Connected services in Japan. Additionally, the ZeroSevenGroup cybercrime gang claims to have stolen data “from a U.S. branch”, potentially a Toyota dealer, including employee and customer details, but the provenance of the data they published has not been confirmed. Toyota says that none of its internal systems were breached, pointing to an unnamed third party as the source of the data.

Talk to a TCT team member today about implementing cyber security plan for your business.

Robert Brown
30/08/2024

Related Articles:
Unmasking the True Price of IT Downtime
Protect Yourself from AI Phishing