Cyber Security Firm Dragos Targeted By Hackers

The CEO of cyber security company Dragos, Robert M Lee, received a message earlier this year from an organised crime group claiming that it had broken into Dragos’s employee email account. The group threatened to release the company’s data unless a ransom was paid. Lee refused to negotiate with the attackers, so the hackers increased the amounts.

In addition, they found his son's passport, school and phone number online. Lee said the message was clear: pay up or your family is at risk. "When you start talking about your child's life and safety, things take a different turn," Lee told reporters. He is a veteran of both the US military and the National Security Agency.

The criminal group that threatened Lee is known to resort to “swatting”, a practice in which someone maliciously calls the local authorities pretending to be a victim of an armed attack, prompting a police SWAT team to be sent to a target’s home. “Basically, they’re trying to get someone killed,” said Lee, who was told by local police that their best option in that situation was to lie down on the floor.

Lee is a recognised authority in the industrial cyber security industry and co-founded Dragos, a global technology leader in cyber security for industrial control systems and operational technology environments.

Other Hacking Attacks

The threats are widespread and can be highly inventive. Examples include a Ukrainian hacker who mailed a gram of heroin to the home of Brian Krebs, a journalist turned cyber security analyst, and then had a florist deliver a huge bouquet in the shape of a cross to Krebs' house. In other incidents, victims have been instructed to send money to cyber security professionals' bank accounts in an attempt to trap them. A North Korean hacker group impersonated security researchers on LinkedIn, then sent prospective contacts malware hidden in an encryption key.

"We're an organisation that's constantly engaged with threat actors, so we have to think about our own security, from a physical standpoint," said Charles Carmakal, chief technology officer at Mandiant, which is called upon to investigate major breaches, such as those recently at the State Department and other US agencies.

But some analysts have warned that the situation is being exacerbated by the deep involvement of Western companies in the cybersecurity of Ukraine, a country that has faced the most sustained and sophisticated cyber attacks on record. "It's going to get worse," said the investigator whose home was searched. "Someone is going to get killed" was the ominous prediction he made in the Financial Times.

Dragos have firmly maintained that they will neither engage nor pay a ransom at any point. It's a hard stance to take; a lot of organisations will buckle under the pressure.

Sources: TechWar, FT, Bloomberg, SC Magazine, Bleeping Computer, Dragos, LinkedIn
