Cl0p leveraged the MOVEit flaw to attack Shell gas company

June 21, 2023

Earlier this week, oil and gas company Shell admitted that it suffered a malicious attack from the Cl0p ransomware group. Based on reports, the group utilised the flawed MOVEit file transfer tool to breach some of the company's data and posted it on its extortion website.

Shell is home to over 80,000 individuals worldwide and earned nearly $400 billion last year. This is the second time the Cl0p group has hacked Shell by exploiting a file transfer service.

A Shell representative claimed that the gas company was aware of the incident.

The cybercriminal attack impacted a third-party tool used by Shell, MOVEit Transfer. The gas company employed the tool for use by a small number of its employees and customers.

The gas company then claimed that the attack did not affect its core IT systems. In addition, its IT teams are still investigating the incident. The company has yet to contact the threat actors despite confirming their identity.

Cl0p has carried out many attacks using the MOVEit flaw, which allowed it to claim numerous victims in the UK. The group's confirmed victims through the MOVEit vulnerability include the BBC, Boots, and the communications regulator Ofcom.

However, researchers stated that Shell and Ofcom appear less significantly affected by the ransomware attack despite being direct users of the file-transferring tool. The latter noted that the attackers downloaded limited information during the campaign. The group has still collected information on approximately 412 Ofcom employees.

On the other hand, the BBC, British Airways, Boots, and Aer Lingus suffered more significant damage during the attacks. Moreover, the MOVEit breach exposed more information about these companies since most of them used the tool for payroll services.

Cl0p's first attack against Shell happened in 2021, after it hacked Accellion's file transfer tool to extort the company. The group tried to leak the stolen information to gain more leverage and pressure Shell to comply with its demands.

The ransomware group also used Accellion for most of its campaigns, impacting over 100 organisations worldwide. Some of its victims came from the United States and Canada.
