Blog entry by Les Bell

Les Bell
Security News" 2023-06-16
by Les Bell - Friday, 16 June 2023, 11:00 AM
Anyone in the world

Welcome to today's daily briefing on security news relevant to our CISSP (and other) courses. Links within stories may lead to further details in the course notes of some of our courses, and will only be accessible if you are enrolled in the corresponding course - this is a shallow ploy to encourage ongoing study. However, each item ends with a link to the original source.

News Stories

Ransomware Permanently Closes Hospital

A salutory tale about cyber resilience, business continuity and the risk posed by ransomware: CBS News reports that a hospital in Central Illinois is closing down, at least in part due to a ransomware attack.

St, Margaret's Health, which operates in the city of Spring Valley, Illinois, will shut down today, blaming a devastating ransomware attack in 2021 which prevented it from filing insurance claims. This seems to be the first time that a hospital has blamed cybercriminals for its closure, although other factors, such as staffing costs and supply chain issues, also played a part.

CBS Chicago Team, Central Illinois hospital closing after 2021 ransomware attack, news report, 13 June 2023. Available online at https://www.cbsnews.com/chicago/news/st-maragrets-health-central-illinois-hospital-closing/.

MOVEit Transfer: The Gift That Just Keeps Giving

File transfer software vendor Progress Software has had to disclose yet another critical vulnerability in their MOVEit Transfer product. At the time of writing, no fix is available, and the suggested mitigation is to block all HTTP and HTTPS traffic to MOVEit Transfer machines. The firm notes that once this is done:

  • Users will not be able to log on to the MOVEit Transfer web UI  
  • MOVEit Automation tasks that use the native MOVEit Transfer host will not work
  • REST, Java and .NET APIs will not work
  • MOVEit Transfer add-in for Outlook will not work

But other than that, it will be business as usual, with the SFTP and FTP protocols still working as normal - which renders using MOVEit somewhat pointless, since its major convenience is a browser-based interface that is easy for users.

Meanwhile, CNN News reports that a number of US Government agencies have been hit by ransomware group Cl0p, including the Department of Energy, as well as one of its subcontractors.

Progress Software, MOVEit Transfer Critical Vulnerability – CVE Pending (June 15, 2023), web article, 15 June 2023. Available online at https://community.progress.com/s/article/MOVEit-Transfer-Critical-Vulnerability-15June2023.

Lyngaas, Sean, Exclusive: US government agencies hit in global cyberattack, news report, 15 June 2023. Available online at https://edition.cnn.com/2023/06/15/politics/us-government-hit-cybeattack/index.html.

These news brief blog articles are collected at https://www.lesbell.com.au/blog/index.php?courseid=1. If you would prefer an RSS feed for your reader, the feed can be found at https://www.lesbell.com.au/rss/file.php/1/dd977d83ae51998b0b79799c822ac0a1/blog/user/3/rss.xml.

Creative Commons License TLP:CLEAR Copyright to linked articles is held by their individual authors or publishers. Our commentary is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License and is labeled TLP:CLEAR.

Tags:
Permalink