This attack, reported on by the BBC, resulted in the data of several organisations that use Blackbaud’s software – including the University of York, University of Leeds, University of London and the charity Young Minds – being compromised.
It was also revealed that Blackbaud had paid the ransom; the company has declined to disclose how much was paid to the cybercriminals, but it was done using Bitcoin. Paying a ransom goes against the advice of security agencies such as the FBI and the NCA. In terms of when the attack took place, the US-based company’s systems were hacked in May 2020.
Cath Goulding, CISO at Nominet, provides analysis for Digital Journal.
According to Goulding: “The Blackbaud hack, which has seen at least six universities and some charities fall victim to a ransomware attack, follows an all too familiar pattern. Once again, multiple parties have been exploited through a common component in their supply chain.”
In terms of the wider picture, Goulding notes: “This demonstrates the multiplier effect of supply chain hacks and reinforces the advice that security needs to be a collaborative exercise. Across organisations and between them.”
In terms of preventative actions, Goulding says: “It is important to scrutinise your supply chain, understand their processes and ensure due diligence is done to mitigate the risk of an attack. Ideally you should be looking for suppliers that have at least the same security principles as you do.”
She also casts an eye over the action taken by the hacked organization and the implications, noting: “It is also worrying that the supplier paid the ransom. Arguably this encourages future attacks and doesn’t overcome the fact that data has been compromised.”