Blog

8 July 2021

MHR not affected by major global cyber-attack

Woman using laptop

This month a major cyber-attack has affected approximately 1,500 organisations worldwide and is thought to be one of the biggest ransomware attacks in history.

The attack encrypted vast amounts of data, taking many organisations offline. The attackers have demanded $70m for the key to decrypt the data. 

The root cause of the attack was the exploitation of an unknown vulnerability in a widely used software product. The software was used by managed IT service providers to administer the IT systems of other organisations, so the initial compromise of 50 organisations worldwide provided access to hundreds more businesses. This is the biggest supply-chain attack since the Solarwinds breach in 2020. 

MHR can confirm that they are not affected by this attack as they do not, nor their IT service providers, use the vulnerable software. As an additional check, the indicators of compromise (IOCs) associated with the attack have been checked and confirmed not to be present in the MHR IT environment. MHR uses a specialist, third-party managed security service provided to monitor its systems 24/7 to identify these or similar types of attacks. 

It is very hard for organisations to protect against these types of supply chain attacks, as the malicious actors gain access through trusted software. The best way organisations can protect themselves is to ensure they have effective, layered security against ransomware and security monitoring in place to identify and respond to a breach. 

Next steps for protecting against cyber-attacks

  1. If you are unsure whether your organisation has been affected by the incident, speak to your internal security or IT team and follow the advice from the vendor here
  2. If you would like help in assessing whether your organisation has effective security controls in place to protect against a ransomware attack, or would like to undertake a controlled, simulated ransomware attack to see how your organisation would fair against an attack, please contact your customer relationship manager. 
  3. If you would like to understand how you can better protect your iTrent application against cyber-attacks on your organisation, see the iTrent Shield feature below.  
iTrent Shield
Blog tags
Cyber Security
2021
MHR

Will North

Will is the Chief Information Security Officer at MHR and has over a decade of experience within the cyber security industry helping organisations to identify their critical information security gaps and implement pragmatic solutions to mitigate information security risks to an acceptable level.

Back to previous

Related blog posts

A shield with a compliance tick and a lock and key.

3 November 2023

How will technology and cybersecurity change in 2024?

“I wonder if the main technological challenge of 2024 will be getting any interesting technology noticed over the noisy large language model gorilla in the room!”- Neil Stenton, Research Engineer…

Read more
data security

12 January 2023

Don’t let cyber-criminals ruin the start to your year

Data – an invaluable asset Data might not be tangible in the conventional sense. But data is a currency of sorts and an invaluable one – an asset that needs…

Read more
Supply ch attacks

17 November 2022

Supply chain attacks: what are they and how can you protect against them?

What are supply chain attacks? Most organisations rely upon a supply chain to deliver products, systems and software critical to the day-to-day business operations. However, a large proportion of these…

Read more

 

MHR logo rounded corners