The NCSC has released information about the MOVEit vulnerability, which has recently been exploited by criminals affecting Zellis, a market leader for payroll and HR solutions, impacting thousands of individuals and organisations.
The stolen information from Zellis relates to employees at eight of Zellis’s customers, including the BBC, Boots and British Airways.
Anyone who believes their information has been compromised as a result of this incident find out how to protect themselves from the impact of the breach.
If you are an organisation directly affected by this vulnerability, Progress (the vendor of the MOVEit software) has issued best practice advice on mitigating this vulnerability.
For further information on this situation please refer to the NCSC webpage
The NCSC offers extensive guidance on preventing and mitigating malware attacks.
Cyber attacks that target organisations’ supply chains (rather than the organisation directly) are increasingly common. In addition to Supply Chain principles, the NCSC has recently provided:
- Guidance on how to map your supply chain
- Guidance on how to assess and gain confidence in your supply chain cyber security
- Free e-learning to help you manage cyber security risk across supply chains
The NCSC’s position, along with law enforcement, is not to endorse, promote or encourage the payment of ransoms. If you would like the NEBRC to further explain any of the technical NCSC guides, please don’t hesitate to reach out to us.
The North East Business Resilience Centre is a police-led, not-for-profit organisation that provides 24/7 cyber security support to SMEs within the region.
To discuss your business’ cyber security needs contact the NEBRC today, and sign up to receive the NEBRC’s free core membership with the latest cyber security updates and access to a wealth of handy resources.