Legal Operations » Cyber Attackers Demand Ransom From Cisco

Cyber Attackers Demand Ransom From Cisco


Cisco discovered a breach of its network on May 24, 2022. A ransomware gang had gained access to the company’s virtual private network (VPN) by convincing an employee to accept a malicious multifactor authentication (MFA) push notification. The breach resulted in cyber attackers gaining access to the company’s VPN, and the company announced the theft of an unspecified number of files from its network on August 10, 2022. Compromising the employee’s personal Google account gave the attackers access to the employee’s business credentials through the synchronized password store in Google Chrome. The attackers then moved through the network by escalating privileges, logging into multiple systems, and installing remote access software tools and offensive security tools. The company acknowledged that the threat actors published a list of files stolen from the network and demanded a ransom, although they did not deploy ransomware. Cisco believes the threat actor is an initial access broker — an adversary that gains unauthorized access to corporate networks and then sells that access as a service on the Dark Web. 

Get our free daily newsletter

Subscribe for the latest news and business legal developments.

Read this next

Legal Ops Need to Assess Their Information Governance Programs

The AI Executive Order’s Impact on the Healthcare Industry

President Biden’s Executive Order on the Safe, Secure, and Trustworthy Development and […]

14 Proven Tactics to Elevate Your Law Firm's Webinars and Drive Results

Cybersecurity Agency Warns About Hacking Collective

The Cybersecurity and Infrastructure Security Agency and the FBI have issued a […]

Understanding Quantum Security Essential In Mitigating Risk Of Newest Cyber Threat

Data Privacy and Reputation Concerns About Adopting AI

Reputational damage was the greatest source of concern about AI, followed by […]

Scroll to Top