Cyber Security Firm Dragos Targeted By Hackers

The CEO of cyber security company Dragos, Robert M Lee, received a message earlier this year from an organised crime group claiming that it had broken into Dragos’s employee email account. They  threatened Lee that they would release the company’s data unless a ransom were paid. He refused to negotiate with the attackers, so the hackers increased the amounts.

In addition, they found his son's passport, school and phone number online. Lee said the message was clear: pay up or your family is at risk. "When you start talking about your child's life and safety, things take a different turn," Lee told reporters.  He is a veteran of both the US military and the National Security Agency.

The criminal group that threatened Lee is known to resort to “swatting”, a practice when someone maliciously calls the local authorities pretending to be a victim of an armed attack, prompting a police SWAT team being sent to a target’s home. “Basically, they’re trying to get someone killed,” said Lee, who was told by local police that their best option in that situation was to lie down on the floor.

Lee is a recognised authority in the industrial cyber security industry and co-founded Dragos, a global technology leader in cyber security for industrial controls systems operational technology environments.

Other Hacking Attacks

The threats are widespread and can be highly inventive. Examples include a Ukrainian hacker who mailed a gram of heroin to the home of Brian Krebs, a journalist turned cyber security analyst. They then had a florist deliver a huge bouquet in the shape of a cross to Krebs' house. In other incidents, victims have been instructed to send money to cyber security professionals' bank accounts in an attempt to trap them. A North Korean hacker group impersonated security researchers on LinkedIn, with prospective contacts then sending malware hidden in an encryption key.

"We're an organisation that's constantly engaged with threat actors, so we have to think about our own security, from a physical standpoint," said Charles Carmakal, chief technology officer at Mandiant , which is called upon to investigate major breaches, such as recently at the State Department and to other US agencies.

But some analysts have warned that the situation is being exacerbated by the deep involvement of Western companies in the cybersecurity of Ukraine, a country that has faced the most sustained and sophisticated cyber attacks on record. "It's going to get worse," said the investigator whose home was searched. "Someone is going to get killed" was the ominous prediction he made in the Financial Times.

Dragos have firmly maintained that they will not engage nor pay ransom at any point. It's a hard stance to take, a lot of organisation will buckle under the pressure.

TechWar:     FT:     Bloomberg:     SC Magazine:     Bleeping Computer:     Dragos:     LinkedIn

You Might Also Read: 

Police Officers At Severe Risk As Personal Data Exposed:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Understanding Generative AI
Generative AI Could Replace The Internet »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Fieldfisher

Fieldfisher

Fieldfisher's Technology, Outsourcing & Privacy Group has class-leading expertise in privacy, data & cybersecurity, digital media, big data, the cloud, mobile payments and mobile apps.

National Crime Agency (NCA)

National Crime Agency (NCA)

The NCA's Cyber Crime Unit focuses on critical cyber incidents in the UK as well as longer-term activity against the criminals and the services on which they depend.

GrammaTech

GrammaTech

GrammaTech is a leading developer of software-assurance tools and advanced cyber-security solutions.

Thermo Systems

Thermo Systems

Thermo Systems is a design-build control systems engineering and construction firm. Capabilties include industrial control system cybersecurity.

Netteam

Netteam

Netteam designs, implements and services networking solutions for companies of all sizes.

Assured Information Security (AIS)

Assured Information Security (AIS)

AIS is committed to providing our customers with critical information security products, services, and training. We support diverse needs throughout business and industry.

National Information Technology Development Agency (NITDA) - Nigeria

National Information Technology Development Agency (NITDA) - Nigeria

The National Information Technology Development Agency (NITDA) is committed to implementing the Nigerian National Information Technology Policy.

AllegisCyber Capital

AllegisCyber Capital

AllegisCyber is an investment company with a focus on seed and early stage investing in cybersecurity and its applications in emerging technology markets.

Corvus Insurance

Corvus Insurance

Corvus' mission is to create a safer, more productive world through technology-enabled commercial insurance.

NeuShield

NeuShield

NeuShield is the only anti-ransomware technology that can recover your damaged data from malicious software attacks without a backup.

Cyberport

Cyberport

Cyberport is focused on facilitating the growth of major technology trends such as FinTech and cybersecurity as well as the emerging technologies of AI, big data and blockchain.

Winbond Electronics

Winbond Electronics

Winbond is a Specialty memory IC company. Product lines include Code Storage Flash Memory, TrustME® Secure Flash, Specialty DRAM and Mobile DRAM.

Kennedys

Kennedys

Kennedys is a global law firm with expertise in litigation/dispute resolution and advisory services, particularly in the insurance/reinsurance and liability sectors, including cyber risk.

Trustaira

Trustaira

Trustaira is the first deep tech solution and service company in Bangladesh.

Neosoft

Neosoft

Néosoft is an independent digital transformation consulting group with expertise in Consulting & Agility, Cybersecurity, Data, DevOps, Infrastructure & Cloud and Software Engineering.

Amtivo Group

Amtivo Group

Amtivo provides Certification, Inspection and Training services to national and local Government bodies, multi-nationals, enterprise clients and SMEs.