Cyber Security Firm Dragos Targeted By Hackers

Uploaded on 2023-08-29 in TECHNOLOGY--Hackers, NEWS-News Analysis, FREE TO VIEW

The CEO of cyber security company Dragos, Robert M Lee, received a message earlier this year from an organised crime group claiming that it had broken into Dragos’s employee email account. They  threatened Lee that they would release the company’s data unless a ransom were paid. He refused to negotiate with the attackers, so the hackers increased the amounts.

In addition, they found his son's passport, school and phone number online. Lee said the message was clear: pay up or your family is at risk. "When you start talking about your child's life and safety, things take a different turn," Lee told reporters.  He is a veteran of both the US military and the National Security Agency.

The criminal group that threatened Lee is known to resort to “swatting”, a practice when someone maliciously calls the local authorities pretending to be a victim of an armed attack, prompting a police SWAT team being sent to a target’s home. “Basically, they’re trying to get someone killed,” said Lee, who was told by local police that their best option in that situation was to lie down on the floor.

Lee is a recognised authority in the industrial cyber security industry and co-founded Dragos, a global technology leader in cyber security for industrial controls systems operational technology environments.

Other Hacking Attacks

The threats are widespread and can be highly inventive. Examples include a Ukrainian hacker who mailed a gram of heroin to the home of Brian Krebs, a journalist turned cyber security analyst. They then had a florist deliver a huge bouquet in the shape of a cross to Krebs' house. In other incidents, victims have been instructed to send money to cyber security professionals' bank accounts in an attempt to trap them. A North Korean hacker group impersonated security researchers on LinkedIn, with prospective contacts then sending malware hidden in an encryption key.

"We're an organisation that's constantly engaged with threat actors, so we have to think about our own security, from a physical standpoint," said Charles Carmakal, chief technology officer at Mandiant , which is called upon to investigate major breaches, such as recently at the State Department and to other US agencies.

But some analysts have warned that the situation is being exacerbated by the deep involvement of Western companies in the cybersecurity of Ukraine, a country that has faced the most sustained and sophisticated cyber attacks on record. "It's going to get worse," said the investigator whose home was searched. "Someone is going to get killed" was the ominous prediction he made in the Financial Times.

Dragos have firmly maintained that they will not engage nor pay ransom at any point. It's a hard stance to take, a lot of organisation will buckle under the pressure.

TechWar:     FT:     Bloomberg:     SC Magazine:     Bleeping Computer:     Dragos:     LinkedIn

You Might Also Read: 

Police Officers At Severe Risk As Personal Data Exposed:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Understanding Generative AI
Generative AI Could Replace The Internet »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Bob's Business

Bob's Business

Bob's Business adopts a fresh approach to information security awareness and compliance training, delivering key information through the use of short animated movies.

Oxygen Forensics

Oxygen Forensics

Oxygen Forensics offer the most advanced forensic data examination tools for mobile devices and cloud services.

LRQA

LRQA

LRQA are a leading global assurance provider, bringing together unrivalled expertise in certification, brand assurance, cybersecurity, inspection and training.

ADF Solutions

ADF Solutions

ADF Solutions is a leading provider of digital forensic and media storage exploitation tools.

EuroISPA

EuroISPA

EuroISPA is a pan European association of European Internet Services Providers Associations and the world’s largest association of ISPs.

MailXaminer

MailXaminer

MailXaminer is an advance and powerful email investigation platform that scans digital data, performs analysis, reports on findings and preserves them in a court validated format.

Namogoo

Namogoo

Namogoo’s disruptive technology identifies and blocks unauthorized product ads that are injected into customer web sessions by client-side Digital Malware.

bwtech@UMBC

bwtech@UMBC

The bwtech@UMBC Cyber Incubator is an innovative business incubation program that delivers business and technical support to start-up and early-stage cybersecurity/IT products and services companies.

Seavus

Seavus

Seavus is a software development and consulting company with a proven track-record in providing successful enterprise-wide business solutions including Managed Security Services.

Destel

Destel

Destel is a system integrator and provider of IT services focused on Advanced Network & Security Solutions.

TAC Security

TAC Security

TAC Security is a leading and trusted cyber security consulting partner that specializes in securing the IT infrastructure and assets of enterprises.

IP2Location

IP2Location

IP2Location provide services to identify geolocation by IP address, and to detect IP addresses associated with anonymous proxy servers, which are often used for fraud and spamming purposes.

ENSCO

ENSCO

The ENSCO group of companies provides engineering, science and advanced technology solutions that guarantee mission success, safety and security to governments and private industries worldwide.

IPKeys Technologies

IPKeys Technologies

IPKeys delivers innovative cybersecurity and technology solutions focused on helping the federal government reduce risk and protect the US from cyberattacks.

Persona

Persona

At Persona, we’re humanizing online identity by helping companies verify that their users are who they say they are.

Apollo Information Systems

Apollo Information Systems

Apollo is a value-added reseller that provides our clients with the complete set of cybersecurity and networking services and solutions.