HTC Global Services Cyber Incident
December 2023 by Daniel Lattimer, Vice President, Semperis
The comment from Daniel Lattimer, Vice President UK&I, Semperis regarding the confirmed breach of HTC Global Services.
News reports of ALPHV/BlackCat’s breach of HTC Global Services is yet another reminder that organisations can’t afford to have an off day because threat actors are motivated by greed and the thrill of breaching the next public and private sector organisation. While details of this cyber incident are scant, there is a possibility the threat actors posted stolen data from the company because they refused to meet their ransom demands.
At some point every organisation faces the harsh reality that it will be caught in the crosshairs of ransomware gangs such as ALPHV/BlackCat. My advice is to take the fight to the threat actors, not in a physical sense, but by being aggressive in closing the back doors in the networks the threat actors often find and by improving resiliency to put a stop to the ransomware scourge. When organisations do this, it forces the criminals to look for softer targets.
In addition, every company should know what their critical systems are, including identity infrastructure such as Active Directory because user and service accounts are key factors in most cyber security breaches before attacks occur. Today is a great day to start if they don’t know. In addition, tabletop exercises that simulate critical systems’ recovery before an incident occurs are important as well as having real time visibility to changes to elevated network accounts and groups. In addition, roll out security awareness training to all employees in 2024 as the weakest link in an organisation’s ecosystem are employees that unsuspectingly click on malicious links.