Hackers contacted cybersecurity firm CEO’s son, wife in extortion attempt


As part of the extortion attempt, the hackers called Lee’s son on a phone the child used to communicate with his grandmother, Lee said. The boy handed the phone to his mother, who hung up, Lee said. The hackers called Lee’s wife in a separate call, he said. — AFP Relaxnews

Hackers stole contracts from cybersecurity firm Dragos Inc as part of an extortion attempt that included contacting the chief executive officer’s wife and five-year-old son, according to a company blog post, documents provided by the suspected hackers and interviews.

The firm didn’t pay the hackers, who gained access to internal documents after breaching the personal email account of a newly hired Dragos sales employee, CEO Robert M. Lee told Bloomberg News in an interview.

Dragos specialises in providing cybersecurity services for industrial control systems such as power grids, water treatment plants and pipelines.

As part of the extortion attempt, the hackers called Lee’s son on a phone the child used to communicate with his grandmother, Lee said. The boy handed the phone to his mother, who hung up, Lee said. The hackers called Lee’s wife in a separate call, he said.

The attack occurred on May 8 when a "known criminal group attempted and failed at an extortion scheme against Dragos,” according to the blog. Dragos didn’t identify the hackers.

"The criminal group gained access by compromising the personal email address of a new sales employee prior to their start date, and subsequently used their personal information to impersonate the Dragos employee and accomplish initial steps in the employee onboarding process,” the blog said. The hackers accessed resources a new sales employee typically uses, including intranet software and the Dragos contract management system.

"In one instance, a report with IP addresses associated with a customer was accessed, and we’ve reached out to the customer,” the company said in the blog, which added that Dragos prevented the hackers from deploying ransomware, believed to be the primary goal, and further infiltrating the company’s network.

The hackers also contacted other company executives on WhatsApp, and those employees didn’t engage, according to Lee and the blog post. As part of an effort to increase pressure on hacking victims, cybercriminals have been contacting company executives and occasionally family members to increase the pressure to pay an extortion fee, cybersecurity officials have said.

Bloomberg News contacted a hacker via Telegram who claimed credit for the attack and described it as opportunistic. The hacker denied contacting Lee’s son but acknowledged reaching out to his wife. The hacker claimed to have stolen 130 gigabytes worth of files from the company. Stealing documents and extorting company executives has become an increasingly common tactic among criminal hacker groups, sometimes in coordination with deploying ransomware.

The hacker provided Bloomberg with a copy of a contract between Dragos and the 67th Cyberspace Wing of the US Air Force outlining a research and development agreement. The six-page document outlines an agreement for Dragos to receive network information regarding the Department of Defense’s industrial control system environment. Lee confirmed that the contract was legitimate. William Edgar, chief of staff of the 67th Cyberspace Wing, who’s name is listed on the agreement, didn’t immediately respond to a request for comment.

Dragos said it added an additional verification step "to further harden our onboarding process and ensure that this technique cannot be repeated.” – Bloomberg

Follow us on our official WhatsApp channel for breaking news alerts and key updates!

   

Next In Tech News

OpenAI considers taking on Google with browser, the Information reports
One tech tip: How to get started with Bluesky
FCC proposes fining Chinese video doorbell manufacturer after security concerns raised
Snap seeks to dismiss New Mexico lawsuit over child safety
Crypto industry jockeys for seats at Trump's promised council
Reddit back up after latest outage impacts thousands of users
Massachusetts student's punishment for AI use can stand, US judge rules
Exclusive-Amazon likely to face investigation under EU tech rules next year, sources say
US natgas producers chase AI-driven surge in power demand to weather low prices
Snowflake shares surge on rosy forecast, AI deal with Anthropic

Others Also Read