Date: July 23, 2024 | Entry: #1 |
Description | Documenting a cybersecurity incident |
Tool(s) used | None. |
The 5 W’s | Who: An organized group of unethical hackers What: A ransomware security incident Where: At a health care company When: Tuesday 9:00 a.m. Why:The security breach occurred when malicious actors successfully infiltrated the company’s systems through a phishing scheme. Upon securing unauthorized access, these individuals deployed ransomware, leading to the encryption of essential files within the company’s network. The primary intent behind this cyber-attack seems to be monetary gain, as indicated by a ransom note that demanded a significant financial payment in return for the decryption key. |
Additional notes | How could the health care company prevent an incident like this from occurring again? Should the company pay the ransom to retrieve the decryption key? |