P2022-ND-033

? On September 28, 2021, the Organization was victim to ransomware. The incident was discovered the following morning when employees were unable to access files.
? An investigation determined that a ?remote worker’s laptop was compromised resulting in a compromised connection to the worker?s onsite computer and the organization?s network. The intruder was able to use access to that computer system to access a shared drive and to deploy the ransomware.?
? It is not known how the attacker initially compromised the remote worker?s account or their laptop.
? The Organization confirmed that data was exfiltrated.

File Type: pdf
File Size: 657 KB
Categories: 2022