Posts

Showing posts from May 16, 2021

Dark side ransomware on colonial pipeline network

Image
We all know about the recent ransomware attack on Colonial pipeline. With regard to this, let us try to understand what happened exactly: About the firm: The largest refined products pipeline in the US, it is involved in transporting over 100 million gallons of fuel across their corridors. The recent ransomware attack against colonial pipeline's networks led to an emergency declaration in 17 states and the district of Columbia across 5,500 miles of fuel pipeline Let’s understand about Darkside ransomware Darkside is a relatively new ransomware strain that made its first appearance in August 2020. It follows RaaS (ransomware-as-a-service) model. It follows a double extortion trend like: 1.       Threat actors encrypt the user’s data 2.       Exfiltrate the data and threaten to make it public if the ransom demand is not paid. Their ransom demand ranges between $200,000 to $2,000,000. Let’s now understand how the attack ve...

A leaf out of Digital Forensics adventures- Part 1

Image
What is digital forensics? A specialized branch of forensic science that works to recover and investigate digital devices in the world of cybercrime. The aim of this work is to identify, preserve, analyze, and document digital evidence in order to present it to the relevant law authorities as and when required. Who is a Digital forensics investigator?  A person who has a mindset to discover evidence and trace back the storyline to solve the case. It can range from discovering:  • How attackers gained access to the network- or the point of breach • Lateral movement on the network- or affected systems discovery • Information stolen or backdoors planted- Corporate Espionage  • Recover data that were attempted for deletion, damage as well as manipulation. Let’s now analyze the different phases across a digital forensics investigation: Phases: 1. First-line incident response The focal point right after a suspected breach /security incident is known as the first respo...