Security giant Dragos hit by cyberattack blow

Ransomware attack on a computer
(Image credit: Kaspersky)

Cybersecurity firm Dragos has been targeted by a threat actor whose goal was seemingly to deploy ransomware and extort the company. 

The attempt failed, and Dragos shared the details of what had happened, in hopes to help other companies who might find themselves in a similar situation in the future.

In a blog post, Dragos reported that a threat actor managed to gain access to the company’s systems through a previously compromised email account belonging to a newly employed member of staff. They used the access to impersonate the new employee and access resources “typically used” by new sales employees, in SharePoint and the Dragos contact management system. They also managed to obtain a report with IP addresses associated with a customer, prompting Dragos to reach out to that customer immediately.

"Regrettable" theft

The company believes they had spotted the attacker on time and prevented them from doing any major damage.

“We are confident that our layered security controls prevented the threat actor from accomplishing what we believe to be their primary objective of launching ransomware,” the blog reads. “They were also prevented from accomplishing lateral movement, escalating privileges, establishing persistent access, or making any changes to the infrastructure.”

However, that did not stop the attackers from trying to extort the company for the data they had taken. Soon after, they reached out to company executives via WhatsApp, threatening to release sensitive data to the dark web. “WE HAVE EVERYTHING.”, one of the messages reads.

As the company did not flinch, the attackers then resorted to mentioning family members, as well as reaching out to other Dragos contacts to try and trigger a response.

“While the external incident response firm and Dragos analysts feel the event is contained, this is an ongoing investigation,” the blog further states. “The data that was lost and likely to be made public because we chose not to pay the extortion is regrettable. However, it is our hope that highlighting the methods of the adversary will help others consider additional defenses against these approaches so that they do not become a victim to similar efforts.”

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
Concept art representing cybersecurity principles
How to combat exfiltration-based extortion attacks
Ransomware
Atos now says its systems weren't hit by a ransomware attack after all
A laptop with a red screen with a white skull on it with the message: "RANSOMWARE. All your files are encrypted."
Bad news - businesses who pay ransomware attackers aren’t very likely to get their data back
A group of 7 hackers, 6 slightly blurred in the background and one in the foreground, all wearing black with hoods pulled up over their heads. You cannot see their faces. The hacker in the foreground sits with an open laptop in front of them. The background, behind the hackers, is a Chinese flag
China government-linked hackers caught running a seriously dangerous ransomware scam
ransomware avast
Hackers spotted using unsecured webcam to launch cyberattack
An American flag flying outside the US Capitol building against a blue sky
US military and defense contractors hit with Infostealer malware
Latest in Security
An American flag flying outside the US Capitol building against a blue sky
Sean Plankey selected as CISA director by President Trump
Ai tech, businessman show virtual graphic Global Internet connect Chatgpt Chat with AI, Artificial Intelligence.
Nation-state threats are targeting UK AI research
Scam alert
Fake jobs and phone calls: How Americans lost $12.5 bn to fraud in 2024
Application Security Testing Concept with Digital Magnifying Glass Scanning Applications to Detect Vulnerabilities - AST - Process of Making Apps Resistant to Security Threats - 3D Illustration
Google bug bounty payments hit nearly $12 million in 2024
Scam alert
A new SMS energy scam is using Elon Musk’s face to steal your money
Representational image of a cybercriminal
Allstate sued for exposing personal customer information in plaintext
Latest in News
Vision Pro Metallica
Apple Vision Pro goes off to never never land with Metallica concert footage
Mufasa is joined by another lion, a monkey and a bird in this promotional image
Mufasa: The Lion King prowls onto Disney+ as it finally gets a streaming release date
An American flag flying outside the US Capitol building against a blue sky
Sean Plankey selected as CISA director by President Trump
An Nvidia GeForce RTX 4060 on a table with its retail packaging
Nvidia RTX 5060 GPU spotted in Acer gaming PC, suggesting rumors of imminent launch are correct – and that it’ll run with only 8GB of video RAM
Indiana Jones talking to a friend in a university setting with a jaunty smile on his face
New leak claims Indiana Jones and the Great Circle PS5 release will come in April
A close up of the limited edition vinyl turntable wrist watch from AndoAndoAndo
This limited-edition timepiece turns the iconic Technics SL-1200 turntable into a watch, and I want one