8 July 2021

MHR not affected by major global cyber-attack

This month a major cyber-attack has affected approximately 1,500 organisations worldwide and is thought to be one of the biggest ransomware attacks in history.

The attack encrypted vast amounts of data, taking many organisations offline. The attackers have demanded $70m for the key to decrypt the data. 

The root cause of the attack was the exploitation of an unknown vulnerability in a widely used software product. The software was used by managed IT service providers to administer the IT systems of other organisations, so the initial compromise of 50 organisations worldwide provided access to hundreds more businesses. This is the biggest supply-chain attack since the Solarwinds breach in 2020. 

MHR can confirm that they are not affected by this attack as they do not, nor their IT service providers, use the vulnerable software. As an additional check, the indicators of compromise (IOCs) associated with the attack have been checked and confirmed not to be present in the MHR IT environment. MHR uses a specialist, third-party managed security service provided to monitor its systems 24/7 to identify these or similar types of attacks. 

It is very hard for organisations to protect against these types of supply chain attacks, as the malicious actors gain access through trusted software. The best way organisations can protect themselves is to ensure they have effective, layered security against ransomware and security monitoring in place to identify and respond to a breach. 

Next steps for protecting against cyber-attacks

  1. If you are unsure whether your organisation has been affected by the incident, speak to your internal security or IT team and follow the advice from the vendor here
  2. If you would like help in assessing whether your organisation has effective security controls in place to protect against a ransomware attack, or would like to undertake a controlled, simulated ransomware attack to see how your organisation would fair against an attack, please contact your customer relationship manager. 
  3. If you would like to understand how you can better protect your iTrent application against cyber-attacks on your organisation, see the iTrent Shield feature below.  
iTrent Shield

Blog tags

Cyber Security 2021 MHR

Will North

Will is the Chief Information Security Officer at MHR and has over a decade of experience within the cyber security industry helping organisations to identify their critical information security gaps and implement pragmatic solutions to mitigate information security risks to an acceptable level.

Related blog posts

1 August 2024

Embracing the Benefits of AI in the Workplace Securely

While AI offers numerous benefits, it also presents specific risks that must be managed carefully. In this blog, we examine the key risks associated with AI, how we've implemented AI…

26 July 2024

Cyber Security: four trends to watch

Over the next few months, we’ll be addressing the latest topics, trends, and developments in the cyber security industry and their impact on the workplace. In this introductory post, we…

3 November 2023

How will technology and cybersecurity change in 2024?

“I wonder if the main technological challenge of 2024 will be getting any interesting technology noticed over the noisy large language model gorilla in the room!”- Neil Stenton, Research Engineer…

Looking for something specific?