Dragos, a cybersecurity firm, targeted by suspected ransomware attack and extortion attempt

## Dragos targeted in suspected ransomware attempt
On May 10, 2023, unknown hackers attempted to infiltrate Dragos, one of the leading industrial cybersecurity firms that works with government agencies and utilities globally, in an unsuccessful campaign that targeted the company’s executives and their family members. The incident began with an employee’s compromised personal email, according to the company’s blog post. The hackers attempted to infiltrate several other portions of Dragos infrastructure, such as the IT help desk, financial, and marketing systems. Additionally, the attackers tried to access an employee recognition system and “sales leads.” According to Dragos, the hackers pilfered some data from the Microsoft collaboration program SharePoint and 25 intelligence reports, one of which had an IP of a customer. However, the hackers failed to breach corporate systems or products due to the company’s sophisticated security controls. Dragos stated clearly that it did not pay the hackers, whose extortion demands escalated to targeting the company’s executives and their families.

## Transparency applauded
Dragos’ public response to the attack and the company’s transparency drew praise from experts. Brian Harrell, the former assistant secretary at DHS, said that “while there were no impacts to customers, this is a clear-cut example of how to isolate, mitigate, recover, and disclose.” He also said that “with nation-state adversaries targeting the vendor communities that serve critical infrastructure, this transparency model is one for others to emulate when faced with an issue.”

## Strong security controls are essential
The Dragos incident underscores the importance of having strong security controls, especially for organizations that serve critical infrastructure. Had Dragos not had sophisticated security controls in place, the intrusion could have resulted in a ransomware attack that would have significantly impacted operational systems. This incident also demonstrates why it is essential for companies to train employees on the importance of cybersecurity hygiene, such as refraining from clicking on unknown links and using two-factor authentication to protect personal emails.

## Need for a comprehensive security framework
While Dragos took quick action to contain the threat, it is regrettable that the pilfered data is likely to be made public because the company chose not to pay the extortion demand. Organizations should take this incident as a wake-up call and reinforce their cybersecurity posture with a comprehensive security framework that encompasses risk management, security policy development, threat detection, and response.
