• HOME

  • ABOUT

  • SOLUTIONS

  • PAPERS AND PUBLICATIONS

  • CONTACT

  • Blog

  • More

    washingtoncybercenter.com

    © 2023 by Marketing Solutions. Proudly created with Wix.com

    Cybersecurity, the Holiday Season and the Grinch

    December 6, 2019

    Cybersecurity, Vendors and Stolen Laptops

    December 2, 2019

    Cybersecurity and Dental Services

    November 29, 2019

    Cybersecurity and IT Firms

    November 25, 2019

    Cybersecurity and Small Town Attacks

    November 22, 2019

    Cybersecurity and Online Gaming

    November 18, 2019

    Cybersecurity, Backup Services and Ransomware

    November 15, 2019

    Cybersecurity, PLCs and DoS

    November 4, 2019

    Cybersecurity and Student Loans

    November 1, 2019

    Cybersecurity, Automobiles and Inverter Issues

    October 28, 2019

    Please reload

    Recent Posts

    I'm busy working on my blog posts. Watch this space!

    Please reload

    Featured Posts

    Gorilla Glue Compromise: Data Not Glued Down

    April 23, 2018

    |

    Charles Parker, II

    Gorilla Glue is known for their excellent set of products, and also their commercials. What has not been overly publicized, naturally, is the compromise from last year. The attack was spearheaded by The Dark Overlord. The hackers had previously attacked medical organizations and demanded a significant ransom. The group also attacked West Park Capital, an investment bank.

     

    In this instance the attacker claimed to have over 500GB of data from Gorilla Glue. Included in this mass amount of data was IP, product designs, access to company email accounts, Dropbox, financial spreadsheets, invoices, strategy documents, presentations, contracts with banks, and other confidential documents (Cox, 2016; Bisson, 2016). This was a rather brazen claim. Without some form of authentication, there would be a minimal amount of credibility. To circumvent this issue, The Dark Overlord forwarded 200MB of files to Motherboard (Cox, 2016). These were also forwarded to Gorilla Glue as evidence.

     

    Ransom

    As with any attack of this nature, it is presupposed that there would be the threat of releasing the data if a fee is not paid. This was not an exception. As with the two prior victims (a medical group and the investment bank), Gorilla Glue was provided with a “handsome business proposal” (Bisson, 2016). There were two primary options-pay or don’t. The paying has issues of not receiving the data, the data being released later, malware being left on their system, etc. With not paying the immediate threat would have been the release of their data, short-term loss of respect, and damage.

     

    References

    Bisson, D. (2016, November 18). Gorilla glue finds itself in sticky situation after hackers steal data.

    Retrieved from https://www.grahamcluley.com/gorilla-glue- finds-sticky- situation-hackers- steal-data/

    Cox, J. (2016, November 17). Hackers claim theft of data from gorilla glue. Retrieved from

    http://motherboard.vice.com/en_au/read/hackers-claim- theft-of- data-from- gorilla-glue

     

    About the Author - Charles Parker, II has been working in the info sec field for over a decade, performing pen tests, vulnerability assessments, consulting with small- to medium-sized businesses to mitigate and remediate their issues, and preparing IT and info sec policies and procedures. Mr. Parker’s background includes work in the banking, medical, automotive, and staffing industries.

    Share on Facebook
    Share on Twitter
    Please reload

    Follow Us

    I'm busy working on my blog posts. Watch this space!

    Please reload

    Search By Tags

    December 2019 (2)

    November 2019 (7)

    October 2019 (7)

    September 2019 (9)

    August 2019 (10)

    July 2019 (8)

    June 2019 (9)

    May 2019 (10)

    April 2019 (9)

    March 2019 (10)

    February 2019 (8)

    January 2019 (9)

    December 2018 (8)

    November 2018 (9)

    October 2018 (9)

    September 2018 (7)

    August 2018 (9)

    July 2018 (9)

    June 2018 (11)

    May 2018 (6)

    April 2018 (9)

    March 2018 (9)

    February 2018 (8)

    January 2018 (6)

    December 2017 (8)

    November 2017 (7)

    October 2017 (10)

    September 2017 (9)

    August 2017 (10)

    July 2017 (8)

    June 2017 (10)

    May 2017 (8)

    April 2017 (7)

    March 2017 (8)

    February 2017 (7)

    January 2017 (8)

    December 2016 (11)

    November 2016 (14)

    October 2016 (14)

    September 2016 (8)