A Real-Life Cyberattack: Investigating a Breach | STRIVE

Dive into the chilling details of a real-life cyberattack in Episode 10 of the STRIVE podcast, hosted by cybersecurity expert Darren Thompson. This episode unravels a complex spear phishing attack that compromised a major corporation, offering listeners a rare glimpse into the mechanics of modern cyber threats and the resilience strategies employed to combat them.
Chapters:
00:00 Intro
01:42 Gaining illicit entry
04:56 The bad actors
05:26 Ransomware deployed
06:25 Incident response activated
07:10 The recovery process
08:32 Deploying better monitoring and communication
09:17 Lessons learned
11:42 Closing thoughts
Highlights:
* Understanding Spear Phishing: Learn how attackers used deceptive emails disguised as HR communications to deploy a remote access Trojan (RAT) on employees' laptops.
* The Role of Malware: Discover the use of Mimikatz to extract credentials and gain administrative access, highlighting the importance of robust access controls.
* Network Lateral Movement: Explore how attackers exploited system vulnerabilities and dormant administrative accounts to move laterally across the network.
* Ransomware Deployment: Gain insights into the deployment of Ryuk ransomware, which encrypted critical systems and backups, emphasizing the need for effective disaster recovery plans.
* Response and Recovery: Follow the organization’s response, from containment to recovery, learning how they managed the crisis without succumbing to ransom demands.
* Lessons on Cyber Resilience: Understand the financial and reputational impacts of the attack and how it ultimately strengthened the organization’s cyber defenses.
This episode is a must-listen for anyone interested in cybersecurity, IT management, or organizational resilience. Tune in to gain crucial knowledge that could help protect your organization from similar threats.