“I like to move it, move it” is a song by American hip house pioneers Reel 2 Reel. The song almost became the unofficial anthem of the Cl0P ransomware gang in June. As early as in March, a group of Russian hackers began exploiting SQL injection vulnerabilities in the MOVEit file transfer service, which is widely used by public sector organizations and major corporations. But it wasn’t until June that the scale of the damage caused by Cl0p began to become clear, with cybersecurity firm Rapid7 reporting that about 2,500 data had been leaked online.
The situation only got worse. On June 5, British Airways (BA), the BBC and Boots were all affected by a cyberattack on payroll company Xeris. The personal information of thousands of employees was leaked, which was directly linked to the exploitation of the MOVEit vulnerability at the time (two days later, BA and the BBC received a customary ransomware request from his Cl0p). By June 15, oil conglomerate Shell was affected. , along with financial services providers First National Bank, Putnam Investments, and 1st Source. Ransom demands appear to have peaked towards the end of the month, with Cl0p naming and accusing Siemens Energy and Schneider Electric as the latest victims of what is now believed to be one of the largest cyberattacks in history. Other victims will continue to emerge as the year progresses.
Hop on the AI hype train with MOVEIt
June was also a key month for the UK government’s AI ambitions. On June 8, the company announced the holding of the first World AI Summit. The summit is an opportunity for world leaders to come together to discuss the rules of the road regarding technology that many thought could improve or destroy the global economy. Risk mitigation was therefore a top priority. The UK government said discussions at the summit would address risks associated with the “frontier system” and how they could be reduced through internationally coordinated action.
Later that month, it further strengthened this commitment to shaping AI safety research by announcing approximately £50m of additional funding. Other government technology measures have drawn less praise. On 19 June, NHS England announced a major IT project aimed at consolidating the UK health service’s disparate data repositories, from campaign group Foxglove and the United Kingdom Medical Association (DAUK). urged to reconsider bidding for the Federal Data Platform (FDP). into one unified whole.
Mr Foxglove and Mr DAUK said that rationality in data analysis was a noble aspiration, but argued that the government’s approach to seeking public support for the data collection required by the project was grossly amateurish. That mattered much more, they continued, because the future winner of the contract to run the FDP was Palantir, a US tech company founded by an entrepreneur with particularly dark views of the NHS. This prediction was later proven to be correct).
Foxglove also claimed that research it commissioned on the issue showed that the majority of the public would not support private companies managing projects essential to the operation of the health service in the first place. Therefore, it would have made it less likely that the FDP would be able to provide useful insights, especially useful insights, into population health, as FDP proponents argued.