Malware & Ransomware Protection

The Recent Global Cyberattack Affecting MOVEit Applications: How Sotero Could Have Helped

rectangle Written by: Anne Gotay rectangle 2 5 min read

On June 15, 2023, an international wave of cyberattacks hit several US federal government agencies and hundreds of companies. Orchestrated by the Russian cybercriminal gang, Clop, the attackers exploited a software vulnerability in the MOVEit applications, a widely used software​​.


Background Information

Progress Software, the company that created the software, discovered a second vulnerability that they were working to fix​. This incident exposes a critical issue – the omnipresent risk of software defects leading to catastrophic data breaches. While there were no significant impacts on federal civilian agencies, the hackers were largely opportunistic in their methods​​. This is where Sotero could play a pivotal role in enabling organizations with cyber resilience.


New Threat Actors Require Organizations to Have New Defenses

Sotero’s unique combination of Data Security Posture Management (DSPM) and Data Defense and Recovery (DDR) provides a solution that is specifically designed to tackle these types of threats. Using advanced AI and ML capabilities, Sotero tracks sensitive data, assesses risks, and fortifies defenses to provide robust multi-layered protection against potential threats, even those that exploit software vulnerabilities​​.

One of the most notable features of Sotero’s solution is its real-time detection and response to cyber threats. In the context of the recent cyberattack, this is quickly becoming a game-changer. The MOVEit vulnerability was exploited by opportunistic hackers, but with Sotero’s DDR, such threats could be detected and stopped in an average of 77 seconds, preventing an attack before it causes significant damage​​.

But How Exactly Does Sotero Achieve This?

Out technology is purpose-built for the data layer. The majority of ransomware solutions focus on the network level. While threat actors first penetrate the network layer, an attacker often passes the network unnoticed and deploys malicious code that lies dormant until it executes months later. By the time an organization becomes aware of the attack that has started executing, it’s in full force if not too late by the time it is caught or stopped. Sotero, on the other hand, diligently monitors all activity on data, regardless of whether it is an application or end user utilizing advanced machine learning (ML) algorithms. Should any data access read or write requests get flagged as malicious, the technology quarantines the potentially malicious activity and either stops it in real-time or sends appropriate alerts. Any threat actor is neutralized in an average of 77 seconds, drastically reducing the blast radius.

Because our technology takes a layered approach to security, patented queryable encryption technology ensures that any data that may be exfiltrated is rendered useless as it stays encrypted. As a results, an attacker cannot hold the victim organization at ransom with extortion attacks. A granular forensic dashboard allows organizations to immediately know what data was compromised until the attack was stopped, down to timestampes and granular data asset. This, in turn, lets organizations recover within minutes to hours instead of weeks to months. Downtime becomes negligible instead of amassing costs of not being able to do business while running forensics and trying to get systems back online.


Lessons Learned

In light of the recent cyberattack, it’s clear that the need for advanced data security is more pressing than ever. Businesses and organizations need to be able to have greater trust that their data is secure, no matter what threats they might face. With its focus on real-time threat detection and response, Sotero provides a solution that not only meets this need but goes beyond it, offering robust protection that can adapt and respond to an ever-evolving landscape of cyber threats.

In a world where software vulnerabilities can be exploited by malicious actors, solutions like Sotero are not just valuable, they are essential. With Sotero, businesses can focus on their mission, secure in the knowledge that their data is protected against even the most unpredictable threats​​. After all, what is posture management worth if you can’t stop malicious activity in its tracks? As the recent cyberattack shows, the time for comprehensive data security solutions like Sotero is now. Book a demo today to see our technology in action.


data security

Subscribe to our Blog

Take a look at a truly encrypted future, with no data left unsecure.

Request a Live Demo.

Schedule a live one-on-one
demo of Sotero.

Book Demo