Security News > 2023 > May > Dragos blocks ransomware attack, brushes aside extortion attempt

A ransomware group has tried and failed to extort money from Dragos, the industrial cybersecurity firm has confirmed on Wednesday, and reassured that none of its systems or its Dragos Platform had been breached.

"The criminal group gained access by compromising the personal email address of a new sales employee prior to their start date, and subsequently used their personal information to impersonate the Dragos employee and accomplish initial steps in the employee onboarding process. The group accessed resources a new sales employee typically uses in SharePoint and the Dragos contract management system. In one instance, a report with IP addresses associated with a customer was accessed, and we've reached out to the customer," the company explained.

"The cybercriminal's texts demonstrated research into family details as they knew names of family members of Dragos executives, which is a known TTP. However, they referenced fictitious email addresses for these family members. In addition, during this time, the cybercriminal contacted senior Dragos employees via personal email. Our decision was that the best response was to not engage with the criminals. The data that was lost and likely to be made public because we chose not to pay the extortion is regrettable," the company said.

Dragos has made the welcome and praiseworthy step of publicly sharing the details of the attack.

"Transparency and defense can win," noted Dragos co-founder and CEO Robert M. Lee.

"We hope sharing this can help other organizations prepare. And to be clear, the person who's personal email address was compromised before they started on boarding at Dragos will absolutely be one of our valued employees. We don't blame victims at Dragos and no one else should either."

News URL

https://www.helpnetsecurity.com/2023/05/11/dragos-ransomware-extortion-attempt/