Metro Vancouver Transit Police revealed that it fell victim to hackers who accessed nearly 200 files in a global wave of cyber attacks attributed to a Russian cyber-extortion gang. The attack targeted a third-party file transfer system called MOVEit, and the police agency is conducting a thorough review to determine the contents of the compromised files. Fortunately, the hackers did not gain access to the Transit Police network, and the software vulnerability has been patched and repaired. The incident is not expected to impact investigations or prosecutions. The RCMP’s cybercrime investigative teams in Montreal and Vancouver are conducting an investigation into the breach.
MOVEit, a widely used file-sharing system, recently faced attacks from the Cl0p gang, a prominent cybercrime syndicate. The gang, known for its prolific activities, threatened victims with a deadline to negotiate a ransom or face the online dumping of sensitive data. Cl0p also claimed it would delete any stolen data from governments, cities, and police departments.
Other notable victims of the Cl0p gang include the Nova Scotia provincial government, Louisiana’s Office of Motor Vehicles, Oregon’s Department of Transportation, British Airways, the British Broadcasting Company, and the British drugstore chain Boots. Progress Software, the parent company of MOVEit’s U.S. maker, issued a patch on May 31 after alerting customers to the breach. Despite the prompt response, cybersecurity researchers suggest that scores, if not hundreds, of companies might have had sensitive data quietly taken.
Jen Easterly, director of the U.S. Cybersecurity and Infrastructure Security Agency, characterized the Cl0p campaign as short, relatively superficial, and quickly detected. A senior official from the agency stated that there is no evidence suggesting coordination between Cl0p and the Russian government. The incident highlights the ongoing challenges posed by cyber threats, particularly from sophisticated ransomware groups, and emphasizes the need for robust cybersecurity measures across organizations and sectors.
