Anyone reading the newspapers in the last week or so will be aware of another high-profile cyber-attack affecting Aer Lingus and the HSE. Stryve’s Chief Information Security Officer Paul Delahunty is breaking it down for you. Below Paul shares the potential impact of the breach and best practices for businesses to protect their sensitive data.
Both incidents were related to MoveIT software. The MoveIT software is used to automate recruitment processes. The MoveIT software helps HR departments recruit new talent.
The MoveIT breach took advantage of a zero-day vulnerability – a vulnerability no one knew existed before the breach. The data collected by the criminals on this occasion include names, addresses and mobile phone numbers.
“A patch has now been released in response to the attack. All customers using this software must ensure they are patched ASAP”, Paul explains.
“The breach does focus on three questions for organisations:
1. What is in your Incident Response Plan? How much dust is on it? Do you regularly review and practice your response? Do you have a good answer to the question: “Who are the first five people you would call?”
2. Are you confident that your third-party vendors are complying with best practices? While the specific case in the news this week, may not have been avoided, other similar cases are a result of poor vendor and third-party management practices. Organisations should take stock and ensure their vendors and suppliers follow best practices.
3. Does the organisation have 90 days of logs as recommended by CIS (Centre for Internet Security)?
Maintaining good logs is key to understanding what is going on (or has gone on) in a network. These are log books of everything that has entered, accessed or changed your network in any way. In the event of an attack, logs are vital to gain a rapid understanding of what has happened and how far a potential breach has gone.”
If you are concerned about a breach in your business, Stryve can give you peace of mind. Stryve offers tailored cyber security infrastructure and expertise that protects your data and fosters cyber resilience within your organisation. Contact our cyber security consulting team, if you have concerns about your vulnerability to a cyber attack.