Cyber Attack cyber

Cisco

May 7, 2024 1 min read
Cisco

In May 2022, Cisco faced a cyberattack initiated through sophisticated voice phishing attacks, targeting a Cisco employee's Google account. The attacker managed to gain unauthorized access to Cisco's internal systems by exploiting the employee's synchronized credentials in a browser. Cisco's quick response allowed its security team to eliminate the attacker from their network before any significant damage could occur. Later, the ransomware gang Yanluowang claimed to have leaked Cisco's files on their website. Despite this, Cisco asserted that the incident had no operational impact on its business.

Source: https://www.ekransystem.com/en/blog/top-10-cyber-security-breaches

TPRM report: https://scoringcyber.rankiteo.com/company/cisco

"id": "cis209050724",
"linkid": "cisco",
"type": "Cyber Attack",
"date": "05/2022",
"severity": "60",
"impact": "2",
"explanation": "Attack limited on finance or reputation"
{'affected_entities': [{'industry': 'Technology',
                        'name': 'Cisco',
                        'type': 'Company'}],
 'attack_vector': 'Voice phishing',
 'data_breach': {'type_of_data_compromised': ['Internal system files']},
 'date_detected': 'May 2022',
 'description': 'In May 2022, Cisco faced a cyberattack initiated through '
                'sophisticated voice phishing attacks, targeting a Cisco '
                "employee's Google account. The attacker managed to gain "
                "unauthorized access to Cisco's internal systems by exploiting "
                "the employee's synchronized credentials in a browser. Cisco's "
                'quick response allowed its security team to eliminate the '
                'attacker from their network before any significant damage '
                'could occur. Later, the ransomware gang Yanluowang claimed to '
                "have leaked Cisco's files on their website. Despite this, "
                'Cisco asserted that the incident had no operational impact on '
                'its business.',
 'impact': {'data_compromised': ['Internal system files'],
            'systems_affected': ['Internal systems']},
 'initial_access_broker': {'entry_point': 'Voice phishing'},
 'post_incident_analysis': {'corrective_actions': ['Eliminated the attacker '
                                                   'from the network'],
                            'root_causes': ['Synchronized credentials in a '
                                            'browser']},
 'ransomware': {'data_exfiltration': ['Files leaked on their website'],
                'ransomware_strain': 'Yanluowang'},
 'response': {'containment_measures': ['Eliminated the attacker from the '
                                       'network']},
 'threat_actor': 'Yanluowang ransomware gang',
 'title': 'Cisco Cyberattack',
 'type': 'Cyberattack',
 'vulnerability_exploited': 'Synchronized credentials in a browser'}
Published by
Jeremy C
Jeremy C
You might also like
Cyber Attack cyber

VetIS

public 1 min read
A cyberattack on the Mercury platform, part of Russia’s Federal State Information System for Veterinary Surveillance (VetIS), caused significant…
Jeremy C Jeremy C
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.