Known ransomware group attempted extortion, claims Dragos was successful in blocking it

Unauthorized individuals exploited a new employee's identity to gain access to restricted data, and the cybersecurity firm cautions that a potential data breach could occur.

In a recent turn of events, the cybersecurity firm Dragos has found itself at the receiving end of an extortion attempt by an unidentified threat actor. According to Ryan Bell, threat intelligence manager at Corvus Insurance, using stolen data for extortion is on the rise. This year, Corvus Threat Intel's yet-to-be-published research shows that 27% of new extortion groups have engaged in data-theft-only attacks, compared to 17% in 2021.

The threat actor managed to gain access to Dragos by compromising the personal email of a new sales employee before they started working. Impersonating the employee during the onboarding process, they gained access to SharePoint and contract management resources. However, the hackers were unable to deploy ransomware or move laterally, escalate privileges, establish persistence, or make any alterations to Dragos' infrastructure.

The extortion attempt occurred this week, with senior-level Dragos employees being contacted via personal email and the hackers also reaching out to publicly known contacts of the company. The hackers accessed a report with IP addresses associated with one of Dragos' customers, but none of Dragos' systems were breached, including the Dragos platform.

In response to the incident, Dragos activated an incident response retainer with a top service provider and a third-party monitoring, detection, and response provider. The company has also reached out to the affected customer.

Jon Amato, senior director analyst at Gartner, stated that the potential fallout from this incident is more reputational than anything else. Based on the history of recent incidents involving firms like FireEye, Okta, and other security firms, the reputational hit should be short-term, Amato said.

Despite the efforts to negotiate, the hackers threatened to make the stolen data public because Dragos did not give in to extortion demands. No specific ransom amount was disclosed.

As of now, it is unclear who the mastermind behind the threat against Dragos is. A spokesperson for Dragos was in the process of responding to queries, but did not have the information in time for publication.