Gorilla Glue is known for their
excellent set of products, and also the commercials. What has not been overly
publicized, naturally, is the compromise from last year. The attack was spearheaded
by The Dark Overlord. The hackers had previously attacked medical organizations
and demanded a significant ransom. The group also attacked West Park Capital,
an investment bank. In this instance the attacker claimed to have over 500GB of
data from Gorilla Glue. Included in this mass amount of data was IP, product
designs, access to company email accounts, Dropbox, financial spreadsheets,
invoices, strategy documents, presentations, contracts with banks, and other
confidential documents (Cox, 2016; Bisson, 2016). This was a rather brazen
claim. Without some form of authentication, there would be a minimal amount of
credibility. To circumvent this issue, The Dark Overlord forwarded 200MB of
files to Motherboard (Cox, 2016). These were also forwarded to Gorilla Glue as
evidence.
Ransom
As with any attack of this nature,
it is presupposed that there would be the threat of releasing the data if a fee
is not paid. This was not an exception. As with the two prior victims (a
medical group and the investment bank), Gorilla Glue was provided with a
“handsome business proposal” (Bisson, 2016). There were two primary options-pay
or don’t. The paying has issues of not receiving the data, the data being
released later, malware being left on their system, etc. With not paying the
immediate threat would have been the release of their data, short-term loss of
respect, and damage.
References
Bisson, D.
(2016, November 18). Gorilla glue finds itself in sticky situation after
hackers steal data. Retrieved from https://www.grahamcluley.com/gorilla-glue-finds-sticky-situation-hackers-steal-data/
Cox, J.
(2016, November 17). Hackers claim theft of data from gorilla glue. Retrieved
from http://motherboard.vice.com/en_au/read/hackers-claim-theft-of-data-from-gorilla-glue
No comments:
Post a Comment