VPN Access of Company with Annual Revenue of $15 Billion for Sale

###### Category Adversary Intelligence
###### Affected Industries IT & Technology
###### Affected Region US, East Asia

Executive Summary

CloudSEK’s flagship digital risk monitoring platform XVigil discovered a post, on a cyber crime marketplace, advertising the VPN access to a manufacturer of computer peripherals and devices, with an annual revenue of $15 billion. Based on our analysis, the victim company can be any one of the following :

  • Western Digital
  • Great Wall Technology Co. China

Threat actor’s post advertising the VPN access

Potential Impact

  • VPN accesses (initial foothold) can be abused to further advance the attack into other internal networks of the target company.
  • Ransomware operators buy initial accesses from such marketplaces to deploy ransomware to lock out the data.
  • Attackers can make unauthorized changes in the production environment to include malware leading to supply chain compromise affecting the end-users of the company’s product.

Mitigation Measures

  • Patch and update VPN software solutions.
  • Secure VPN endpoints with complex credentials.
  • Deploy effective EDR/XDR/IDPS to monitor and prevent intrusions.
  • Train the employees on cyber hygiene, focusing on phishing emails and social engineering tactics.
1 Like