P2021-ND-339

On August 19, 2020, the Organization discovered that it was victim to ransomware. The attack began on or about August 13, 2020 when a server was infected with malware. Several strains of malware, use of offensive tools (Cobalt Strike), and lateral movement of the attacker(s) to other systems were reported. On September 14, 2020, the Organization discovered that exfiltrated records were leaked on the Dark Web. It is not known how the attackers initially compromised the Organization?s network.

File Type: pdf
File Size: 605 KB
Categories: 2021