Cyber attacks are common as the use of computers and devices increase stated by Bahaa Al Zubaidi. Cyber criminals try to gain access to systems to disable them or steal data. Even as security systems are becoming more robust, cyber criminals are also using innovative ways to attack. Knowing more about cyber attacks can help in understanding how to deal with them better. The following is a case study of a recent cyber attack with all details.

Cyber Attack: A Case Study 

XYZ is a well-known technology provider with a global presence. Interestingly, the company specializes in creating smart buildings powered by technology. Security systems is one of the solutions that they offer. Their focus is on protecting people, facilities, and assets. From access control to intrusion detection, XYZ offers security solutions to its client.

Even though XYZ was a security solutions provider, they were the victims of a cyber attack. They faced a ransomware attack on the 23rd of September 2023. A ransomware attack is where cyber criminals gain access to an organization’s system and takes it over. They disable the system and prevent the organization from using it.

The work of the organization is stalled and they face serious problems, including financial losses and loss of reputation. The cyber criminal then demand a ransom to allow the company to regain access. In the case of XYZ, the ransomware attack was carried out by a hacker group known as Dark Angels.

The hacker group claimed that they had stolen 27 terrabytes of data from XYZ. Since XYZ’s systems were encrypted they lost access. The hackers then demanded a ransom of 51 million dollars. In exchange for the ransom they would send the decryption tool and also delete all the data they had stolen.

One of the clients of XYX was the Dept. of Homeland Security. This gave rise to a fear that sensitive national security data may have been stolen. XYZ then deal with the cyber attack as follows:

  • They refused to pay ransom and instead activated disaster recovery plans.
  • The company began to take action to contain the problem and started recovery.
  • Company infrastructure that had been compromised was fixed and remedies initiated.
  • The company worked with experts who includes professionals in IT recovery and forensics. With their help, systems were restored.
  • A detailed investigation was carried out and corrective measures taken.
  • While the company suffered losses of 27 million dollars, it was recovered through insurance. This is a major learning from the incident since the company had taken insurance to bear with the losses in case of such an eventuality.

Thank you for your interest in Bahaa Al Zubaidi Blogs. For more information, please visit www.bahaaalzubaidi.com