Digital Safety Giant “Entrust” Breached Through Ransomware Gang

Digital Safety Giant “Entrust” Breached Through Ransomware Gang

The acceleration in digital transformations and momentum gained by cybercrimes during COVID-19 pandemic has led to the evolution of cyber-threats faced by different organizations. The cybersecurity threat landscape remains challenging with hybrid and interconnected digital workspaces expanding the attack surface. Gartner ranked ransomware attacks with an occurrence of 88% as one of the top cybersecurity risks of 2022.

A recent incident reported by bleeping computer features the digital security giant Entrust’s corporate data breach by a ransomware gang. Entrust extends authentication and identity-based security software management to a large number of critical and sensitive organizations including US government agencies such as the Department of Homeland Security, the Department of Energy, the Department of the Treasury, the Department of Health & Human Services, the Department of Veterans Affairs, the Department of Agriculture, and many others. The ransomware attack group carried out their attack flow by relying on the credentials stolen from the trusted network access of sellers which led to the breach in the company’s internal systems, exfiltration of files and subsequent encryption. The ransomware attack gang can blackmail Entrust into paying a ransom or risk data breach disclosure which may result in regulatory fines. Data breaches after a ransomware assault come with monetary and reputational costs .The security notice published by the company confirms that data was stolen from Entrust’s internal systems, but doesn’t provide additional information about what data the hackers got access to.

The high-momentum cyber attacks can be curbed by focusing on cyber resilience and aligning the cybersecurity awareness of organizations with the progressing cyber threats.The lower awareness and lack of cybersecurity infrastructure can lead to a significant damage because of gaps in security controls and process maturity.The organizations must put contingency plans in place to steer clear of the ransomware attack repercussions.

Share This On Your Favorite Social Media!