VPN Access of Company with Annual Revenue of $15 Billion for Sale
Published 20 May 2021
- CloudSEK discovered a post on cybercrime forum selling VPN access to a $15 billion company
- The actor claims that the victim is a manufacturer of computer peripherals and devices
Share this Threat Intel:
|IT & Technology|
|US, East Asia|
CloudSEK’s flagship digital risk monitoring platform XVigil discovered a post, on a cyber crime marketplace, advertising the VPN access to a manufacturer of computer peripherals and devices, with an annual revenue of $15 billion. Based on our analysis, the victim company can be any one of the following :
- Western Digital
- Great Wall Technology Co. China
- VPN accesses (initial foothold) can be abused to further advance the attack into other internal networks of the target company.
- Ransomware operators buy initial accesses from such marketplaces to deploy ransomware to lock out the data.
- Attackers can make unauthorized changes in the production environment to include malware leading to supply chain compromise affecting the end-users of the company’s product.
- Patch and update VPN software solutions.
- Secure VPN endpoints with complex credentials.
- Deploy effective EDR/XDR/IDPS to monitor and prevent intrusions.
- Train the employees on cyber hygiene, focusing on phishing emails and social engineering tactics.