Consumer goods giant Procter & Gamble (P&G) has been targeted in a recent cyber attack that saw hackers exploit a bug in the data transfer tool GoAnywhere to obtain “some information” about employees. P&G has not said whether it paid the attackers to retrieve the stolen data.
The breach occurred because of vulnerabilities in the software, which have been targeted by a Russian group that sells ransomware.
P&G’s situation is not unique, as more new technologies and avenues to find software vulnerabilities lead to more attacks, according to cybersecurity expert Deep Ramanayake.
Speaking to WLWT, Ramanayake explained that companies with a large physical footprint, such as P&G, were often targeted in ransomware attacks.
He explained that ransomware was a popular method for hackers to make money, as companies would often pay for the safe return of valuable information.
Ramanayake added that this method was popular with Russian hackers because laws in other countries do not apply to them.
The cybersecurity expert added that this incident highlights the difficulties that companies face when it comes to securing their data.
Ramanayake said that no system is 100% secure, and new technologies only provide more opportunities for hackers to find vulnerabilities.
As such, companies must prioritize investing in their cybersecurity defenses to minimize the risk of such incidents occurring.
The attack on P&G came as a result of the exploitation of a vulnerability in the file transfer tool that it had been using, and companies must ensure that their software and technology are secure and up-to-date to reduce the likelihood of similar attacks.
