Contactez-nous Suivez-nous sur Twitter En francais English Language

De la Théorie à la pratique

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN



Attivo Comment: Sinclair Broadcast Group Victims of Ransomware Attack

October 2021 by Tony Cole, CTO at Attivo Networks

Following the recent news that the U.S broadcasting parent company Sinclair Broadcast Group were the victims of a ransomware attack, Tony Cole, CTO at Attivo Networks, offers the following comment;

“Ransomware is a fast and lucrative method of attack. It’s not that difficult for cybercriminals to masquerade as a legitimate user using the credentials they stole on from the initial incursion. With that user’s credentials, they conduct queries to find targets in the enterprise Active Directory system, steal more credentials with elevated privileges, and rinse and repeat until they have gained access to their target. Then, in the case of Sinclair Broadcast Group, they can steal corporate data, encrypt systems, gain control over security settings, and begin the hostage process for a ransom.    To counter these challenges, organizations must understand that they can’t prevent all attacks. They must put in place systems that detect in-network lateral movement and credential misuse, look for privilege escalation, and protect identity management systems such as Active Directory. Without this visibility, we will continue to read about these large successful ransomware attacks for the foreseeable future.”

See previous articles


See next articles