Shell Hit by Clop Ransomware Attack

Published on

Dec 26, 2023

Shell is a global leader in the oil and gas industry.

The cybercriminal gang successfully infiltrated Shell’s file transfer tool, MOVEit, and included the renowned British multinational on their extortion site. This is not the first time Shell has been targeted by the Clop gang, who specialize in exploiting vulnerabilities in file transfer services.

With an impressive workforce of over 80,000 employees worldwide and revenues exceeding $381 billion in the previous year, Shell presents an enticing target. However, the company assures that its core IT systems remain unaffected by the breach. Shell’s dedicated IT teams are actively investigating the incident and have made it clear that they will not negotiate with the hackers.

Although Shell and Ofcom have experienced relatively minimal impact, as they utilize the MOVEit tool within limited settings, Transport for London, responsible for public transportation in the capital, has confirmed being affected by the same attack.

Approximately 13,000 drivers’ information stored in Transport for London’s databases has been compromised, and the affected individuals have been notified of the data breach.

This incident marks the second time Shell has encountered the Clop gang. In 2021, the group targeted Shell by hacking into Accellion’s file transfer appliance and attempted to extort companies using the compromised service by threatening to leak sensitive information. The Accellion attack impacted over 100 organizations globally, including several universities in the United States and Canadian aerospace manufacturer Bombardier.

The software company Progress, the developer of the widely used MOVEit tool, recently announced a second vulnerability that further contributed to the breaches.

Other Articles

News

Institute of Space Technology hit with ransomware attack

The hacker group Medusa has targeted the Institute of Space Technology (IST), a public university in Islamabad, with a ransomware attack.

Behind the Scenes of Modbus: Cybersecurity Risks and Solutions

Born in 1979, it was created by Modicon and quickly became a cornerstone for establishing communication between intelligent devices in industrial settings. Modbus is a messaging structure that facilitates master-slave and client-server communication, enabling the seamless exchange of critical data

Noteworthy Threats in ICS Malware Analysis

Industrial control systems (ICS) form the backbone of critical infrastructure sectors, enabling the efficient management of industrial processes. However, these systems have increasingly become prime targets for malicious actors aiming to disrupt services, compromise sensitive data, or sabotage operations.

Cybersecurity Awareness

The Best Password Managers for Online Security

In today’s interconnected digital world, where nearly every aspect of our lives involves online accounts and personal data, ensuring the security of our information has become paramount.