British Airways (BA) has recently fallen victim to a cybersecurity attack that compromised payroll data for its UK-based staff. Threat actors attacked Zellis’ service provider, which uses a third-party file transfer company called MOVEit, to gain access. This incident underscores the critical need for robust cybersecurity measures and highlights the potential benefits of Security Operations Centre (SOC) services.
In response to the incident, BA issued a statement explaining the situation. “We have been informed that we are one of the companies impacted by Zellis’ cybersecurity incident, which occurred via one of their third-party suppliers called MOVEit. Zellis provides payroll support services to hundreds of companies in the UK, of which we are one. This incident happened because of a new and previously unknown vulnerability in a widely used MOVEit file transfer tool,” the BA spokesperson said.
The data breach has not only affected BA but has also impacted other major UK-based companies, including Boots, a high street pharmacy chain.
This news was closely followed by reports of the University of Manchester investigating a cybersecurity incident in the same week. The university announced it was investigating unauthorised activities on its network earlier, but has since issued a statement verifying that a data breach did occur. “It has been confirmed that some of our systems have been accessed by an unauthorised party and data have likely been copied,” said the university spokesperson.
Unlike the BA incident, the threat actors responsible for this incident are yet unknown. However, the investigation into who perpetrated the attack and what information they stole is still ongoing. Meanwhile, the university has urged its 40,000 students and more than 12,000 staff members to stay alert to phishing attacks that might take place on the back of this data breach.
These incidents highlight the increasing sophistication and persistence of cyber threats faced by organisations across various industries. One of the reasons for that is the rise of easily-accessible AI tools. For example, there were reports earlier in the year that hackers were using ChatGPT to write malware and customised social engineering messages. Another risk posed by AI is automated attacks, which largely do not require human intervention, and which has resulted in cybersecurity experts wondering if penetration testing could be similarly automated.
As cyber incidents continue to rise, so does the importance of investing in robust cybersecurity measures. Leading managed security service provider (MSSP), DigitalXRAID, advises businesses to use advanced security measures to defend against sophisticated attacks and safeguard both customer and company data.
According to this service provider, a security operations centre (SOC) is one of the best ways to keep a business’s networks and systems secure. This outsourced service provides 24/7 monitoring, with cybersecurity experts and analysts on hand to act immediately when an intrusion occurs. The MSSP claims that, whilst cyber-attacks will always be a threat, constant monitoring could help prevent data breaches and ensure that threat actors are not able to cause as much damage.
Parul Mathur has been writing since 2009. That’s when she discovered her love for SEO and how it works. She developed an interest in learning HTML and CSS a couple of years later, and React in 2020. When she’s not writing, she’s either reading, walking her dog, messing up her garden, or doodling.