The Lockbit Ransomware gang has taken credit for the ransomware attack on Entrust, a digital security giant. In June, Entrust began notifying customers that they suffered a cyberattack where data was stolen from internal systems. The ransomware group attacked Entrust after purchasing access to the corporate network through “network access sellers.”
After further research on network access sellers, it appears that the number of malicious actors offering vulnerable network information have been tripling in the past few years, bringing to light the concerning fact that not only are actors aware of company breaches long before the company itself finds out, but they can use this information to operate an entire underground business, selling these highly sensitive vulnerabilities to malicious purchasers.
It is a concerning realization that businesses’ vulnerabilities are found and secretly extorted long before they are even made aware of these flaws. Without holistic awareness of the company’s IT infrastructure, unknown vulnerabilities such as this one can be found and extorted for the personal gain of the malicious network access purchaser. This attack exemplifies that one step organizations must maintain an in-depth view of the entirety of their IT estate to help mitigate and prevent cybersecurity risks. This requires the implementation of a robust cyber asset management strategy.
When investing in a cyber asset management platform, companies must ensure that it provides comprehensive, real-time observability of their entire IT environment to stay apprised of abnormalities and keep the entire attack surface secure. With comprehensive visibility into their entire IT Estate, companies can operate with confidence knowing that they can remediate issues before they are exploited.