Take control of your shadow IT
Free magbo Invite code
invitations codes, invite code, winbox sg, winbox together, magbo, magicboo singapore, magicboo, mahou, mgnb
How Group-IB Attack Surface Management ensures full mastery of your external attack surface
Four hours and eighteen minutes. That is how long it took the hacker group LockBit to penetrate the victim’s infrastructure and launch the ransomware. As is unfortunately often the case, the ransomware was delivered to the company’s network directly through a forgotten remote access tool (RDP).
When responding to cybersecurity incidents, Group-IB specialists often come across attacks conducted through forgotten and unknown digital assets such as RDP servers and legacy landing pages. The fact that infrastructure becomes forgotten can be ascribed to the human factor (e.g., a company employee gives remote access to a vendor’s specialist and forgets to revoke it afterwards), but unknown assets are more difficult to categorize.
Imagine the following situation. In 2016, a marketing specialist makes an urgent request to the IT department to create a landing page with the domain name “magbo.cc” in order to promote a product. The domain was created and soon thereafter the promotion ended. A year goes by and the IT specialist leaves the company. Two years later, the marketing specialist follows suit. In 2020, the company hires a new Chief Security Officer who is not told anything about the domain or the potentially vulnerable infrastructure that hosts it.