Cyberattack on Aon

Late this weekend, a cyberattack on insurance giant Aon was reported and confirmed by Dublin Airport Authorities, which were impacted by the breach. Reportedly, the attack resulted in a data leak of financial information including personal information regarding payroll and benefits of over 2000 employees of the airport.

The cyberattack in question was targeted at the London-based insurance provider company Aon and also affected various other firms, the Dublin Airport Authority (DAA) said on Sunday. The entry-point in question appears to have been the file-transfer software tool MOVEit, which was used to breach internal Aon systems.

The breach and initial leak was apparently made by the so-called Clop Ransomware gang, which has come away with an unspecified amount of employee information including payroll details and other identifying details.

The loss of employee information is likely to lead to a corresponding rise of phishing and attempts at identity theft, using the stolen and presumably sold information for these purposes. In this way, a successful cyberattack can spiral into future attacks down the line, building on one success and attempting to leverage stolen information and access.

Protect internal information with an archive and backup

AON has not provided any details of the attack other than that it occurred this past Friday and affected a limited number of systems. However, having come from a cybercrime gang known for ransomware attacks, it is likely the cyberattack on Aon involved at least a measure of the affected data being encrypted. Ransomware criminals like targeting insurance providers, according to an interviewed member of the REvil gang, since they usually have cyber crime insurance and are thus more likely to pay a ransom for their data.

While preventative measures are imperative in order to prevent one’s systems from being compromised in the first place, a disaster mitigation and recovery strategy being implemented can help prevent the worst effects of a breach. In the case of ransomware, an archive or backup can be instrumental in restoring access to data without having to acquiesce to extortion payments.

Ensure the best protection with contentACCESS

TECH-ARROW’s contentACCESS archive and backup represents the gold standard in the field, providing a flexible solution capable of backstopping your cybersecurity measures and practices. With a proven history of providing reliable protection to our clients, contentACCESS represents a robust and trustworthy option for any organization’s disaster recovery planning.

In addition to providing an invaluable level to disaster mitigation and legal compliance, contentACCESS’ search system allows for a performance boost – offloading your live servers into an archive and improving their responsiveness without losing direct end-user access to the files, which remain easily found via our full-text search system regardless of source or format.

Prepare your organization to tackle future challenges – including security, compliance, and an ever increasing data load. Make sure you select the best solution for meeting your needs. If you’re ready to take that next step into the future – contact us and our team. We can set up a cost-free consultation and discuss both your needs and the possibilities we offer.

 

Take the best steps to protect your data – with TECH-ARROW.

Archive all your O365 data with contentACCESS

by Matúš Koronthály