Lessons Learned From 50+ MOVEit Exploit (CVE-2023-34362) Investigations - Full Webinar
In Q2 2023, Kroll reported a notable shift towards increased supply chain risk, largely driven by the CLOP ransomware gang’s exploitation of the MOVEit transfer vulnerability. The MOVEit exploitation rendered even organizations with mature cybersecurity controls helpless and vulnerable to financial and reputational damage. Only a handful were able to detect the exfiltration, and even fewer could handle the consequences once a trusted partner fell victim.
Watch Kroll experts George Glass and Scott Downie examine the exploitation in detail and highlight lessons learned from over 50 incident response (IR) investigations handled by Kroll. They also brief participants on the complexities of third-party investigations, litigation considerations, breach notification challenges and the steps chief information security officers (CISOs) should take to raise preparedness.
Key Sections:
- 0:00 to 1:55 – Intro
- 1:55 to 2:12 – Agenda
- 2:12 to 6:30 - Backstory behind MOVEit exploit
- 6:30 to 9:29 – The CL0P timeline
- 10:40 to 15:47 – The Kroll Intrusion Lifecycle
- 15:50 to 19:40 - Data exfiltration methods
- 19:41 to 24:40 - Impact Analysis
- 24:42 to 28:18 – Minimizing impact
- 28:20 to 42:00 – Q&A session
Additional Kroll research into MOVEIt:
https://www.kroll.com/en/insights/publications/cyber/clop-ransomware-moveit-transfer-vulnerability-cve-2023-34362
Get the latest from the Kroll Cyber Risk blog: https://www.kroll.com/en/insights/publications/cyber
Demo Kroll Responder, our MDR solution: https://www.kroll.com/en/services/cyber-risk/managed-security/kroll-responder
Read the latest Cyber case studies: https://www.kroll.com/en/insights/publications/cyber/case-studies
#threatintelligence #cyberrisk #incidentresponse