Remote work Infographic<br />

Listen to The Threat Talks on:

Deep Dive – MOVEit: The danger of delegating data to third-party software

Your cybersecurity experts

Lieuwe Jan Koning

Co-Founder and CTO ON2IT Group

Luca Cipriano

Threat Intel Specialist ON2IT

Rob Maas Field CTO

Rob Maas

Field CTO ON2IT

Remote work Infographic

MOVEit: The danger of delegating data to third-party software

Supply chain: Data delegation

We are looking on the largest data breach of 2023, a supply chain attack impacting over 60 million individuals, primarily involving the MOVEit software. MOVEit is designed to securely exchange data across systems or between companies and users. This breach had significant repercussions, especially in the U.S., due to MOVEit’s extensive use within federal agencies under strict FIB standards.

The breach was orchestrated by the Klo Ransomware Group, who exploited a zero-day vulnerability through SQL injection. This allowed them to install a webshell called LemurLoot on the server, facilitating extensive data theft from governmental and critical infrastructure sectors, though they avoided specific government documents.

Download the infographic for the complete overview

Episode details:

This episode focuses on the 2023’s largest data breach, a supply chain attack orchestrated by the Klo Ransomware Group using MOVEit software, affecting over 60 million people and involving a zero-day SQL injection that enabled the installation of a webshell, LemurLoot, leading to significant data theft from U.S. federal agencies and critical infrastructures.

Despite robust certifications and security measures, the attackers managed to bypass these defenses, highlighting the challenges in fully mitigating such risks. They exploited the SQL vulnerability to manipulate, add, or remove data, and execute remote code, demonstrating the sophisticated capabilities of modern cybercriminals.

Today’s discussion will also touch on the implications of these breaches for data sharing practices, the importance of encryption, and the evolving regulatory landscape aimed at enhancing interoperability among digital platforms in the EU and beyond.

Subscribe to our Spotify channel and stay up to date with every cybersecurity treat.