Cisco Systems, Inc., is more commonly called Cisco. It is a technology conglomerate with its headquarters in San Jose, California. It is known for manufacturing and selling software, hardware, and similar types of products.
Ransomware hackers recently hit Cisco. The hackers stole nearly three gigabytes of data. The ransomware hackers published a list of files it intended to reveal to other criminals, including identity thieves and miscreants lurking on the dark web. However, only part of the list was published in an attempt to convince the tech giant to fork over the requested ransom payment.
Hackers used the access vector of phishing to access the personal Google account of a Cisco employee. The accessing of this account ultimately compromised user credentials and also set the stage for the accessing of the Cisco VPN. It appears as though the threat actor responsible for the attack is linked to UNC2447, a hacking collective in Russia.
This breach occurred on May 24, 2022.
The breach impacts Cisco and its clients. Though it appears the stolen information was not highly sensitive, data security experts are quick to point out that compromising a corporate network can lead to much-desired publicity and credibility with other hackers that leads to lucrative opportunities down the line. It is quite possible that the Cisco hack was nothing more than an initiation challenge issued from one hacker to another as a benchmark to prove one’s merit for future endeavors.
Cisco did not reveal the specific number of files accessed in the attack. However, the breach exposed nearly three gigabytes of information. Read about Cisco’s previous breach at Ex-Cisco Employee Deletes WebEx Accounts Facing Charges.