In 2020 Toll Group went twice through a ransomware attack, now Sophos which acted as a response and investigation team for the events, announces that the entry point was an account of an employee who died but remained active in the system.
Nefilim Ransomware Attack Used “Ghost” Credentials.
According to the report by Sophos, the Nefilim group responsible for the infidelity attack that was on the company’s network for about a month without the defense systems identifying suspicious activity, the user used by the attack group belonged to a deceased employee but his account was locked/deleted due to being integrated into various services.
Read more about Examples and Numbers of Social Engineering attacks ›
Save Your Company from Social Engineering Attacks Like that
Register and Get your Personalized Free Exposure Report NOW
and See your where your Company is Exposed to Hackers
Recently Published on our Blog
What is a zero trust approach to cybersecurity?
A zero trust security model is based on the idea that a company should ‘never trust, always verify.’ Unlike in traditional IT network security models that trust anyone and anything within a network once it has been initially verified, with a zero trust approach no-one...
Ransomware gang LockBit taken down
Last month, the network of the notorious ransomware gang, LockBit, was seized by law enforcement. This gang was not only responsible for around 25% of attacks in the past year, according to the UK’s National Crime Agency (NCA), it was also the pioneer for the...
What is double extortion ransomware?
Double extortion attacks are a type of ransomware attack with higher stakes. In a regular ransomware attack, a hacker will infiltrate a company’s network, encrypt the data and demand a ransom to release it. This causes disruption as, whilst their systems and data are...