8 July 2021
MHR not affected by major global cyber-attack
This month a major cyber-attack has affected approximately 1,500 organisations worldwide and is thought to be one of the biggest ransomware attacks in history.
The attack encrypted vast amounts of data, taking many organisations offline. The attackers have demanded $70m for the key to decrypt the data.
The root cause of the attack was the exploitation of an unknown vulnerability in a widely used software product. The software was used by managed IT service providers to administer the IT systems of other organisations, so the initial compromise of 50 organisations worldwide provided access to hundreds more businesses. This is the biggest supply-chain attack since the Solarwinds breach in 2020.
MHR can confirm that they are not affected by this attack as they do not, nor their IT service providers, use the vulnerable software. As an additional check, the indicators of compromise (IOCs) associated with the attack have been checked and confirmed not to be present in the MHR IT environment. MHR uses a specialist, third-party managed security service provided to monitor its systems 24/7 to identify these or similar types of attacks.
It is very hard for organisations to protect against these types of supply chain attacks, as the malicious actors gain access through trusted software. The best way organisations can protect themselves is to ensure they have effective, layered security against ransomware and security monitoring in place to identify and respond to a breach.
Next steps for protecting against cyber-attacks
- If you are unsure whether your organisation has been affected by the incident, speak to your internal security or IT team and follow the advice from the vendor here.
- If you would like help in assessing whether your organisation has effective security controls in place to protect against a ransomware attack, or would like to undertake a controlled, simulated ransomware attack to see how your organisation would fair against an attack, please contact your customer relationship manager.
- If you would like to understand how you can better protect your iTrent application against cyber-attacks on your organisation, see the iTrent Shield feature below.