Total Tests:

Cisco reveals cyberattack on its corporate network

By Lance Whitney for TechRepublic
Friday, August 12, 2022

A tweet posted by threat intelligence provider Cyberknow included a screenshot of the leak site of the Yanluowang ransomware group showing Cisco as its latest victim. The Cisco Talos notice displayed a screenshot of an email received by Cisco from the attackers. Threatening Cisco that “no one will know about the incident and information leakage if you pay us,” the email shows a directory of some of the files breached in the attack.

Why security companies are becoming targets

Cybersecurity and technology vendors are increasingly being targeted by cybercriminals. And the attacks are being conducted for several reasons, according to ImmuniWeb Founder and Cybersecurity Expert Ilia Kolochenko.

“First, vendors usually have privileged access to their enterprise and government customers and thus can open doors to invisible and super-efficient supply-chain attacks,” Kolochenko said. “Second, vendors frequently have invaluable cyber threat intelligence.”

In search of useful threat intelligence, attackers conduct surveillance to determine the status of investigations by private vendors and potential police raids by law enforcement, Kolochenko explained.

“Third, some vendors are a highly attractive target because they possess the most recent DFIR (Digital Forensics and Incident Response) tools and techniques used to detect intrusions and uncover cybercriminals, whilst some other vendors may have exploits for zero-day vulnerabilities or even source code of sophisticated spyware, which can later be used against new victims or sold on the Dark Web,” Kolochenko added. Read Full Article

Book a Call Ask a Question
Talk to ImmuniWeb Experts
Have a technical question?

Our security experts will answer within
one business day. No obligations.

Have a sales question?
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
Your data will stay private and confidential