Over the weekend, it was reported that Lapsus$, the data extortion hacking group, had maliciously compromised many high-profile organizations. In the last few months, Lapsus$ has been breaking into a company’s systems to steal source code, customer lists, databases, and other valuable information, with the goal of extorting victims by threatening to leak online unless a ransom payment is made.

Lapsus$ has carried out numerous attacks, with confirmed attacks against Microsoft, Okta, NVIDIA, Samsung, and Mercado Libre. While information is sparse, we anticipate we will continue to learn of additional organizations impacted.

Organizations should remain on high alert, with a strong focus on Detection & Response.

Graham Company recommends the following actions be taken:

1. Monitor user activity logs for outliers of abnormal activity
2. Maintain heightened awareness of suspicious activity within your environment
3. Reach out to 3^rd party vendors to confirm acknowledgment of threat landscape and increased monitoring

Do not hesitate to reach out to your Graham Service Team if you believe there is any suspicious activity within your network. Graham Company can assist in providing notice to your Cyber Insurance Carrier to utilize the Incident Response Coverage for an investigation if necessary.

If you have questions about your cyber posture, we encourage you to talk with us about our newest cyber offering, GRAHAM CYBER BLUEPRINT^SM. With Graham Cyber Blueprint, you can improve your cyber strategy and insurability as a result of completing a quick questionnaire that will help you identify areas for improvement and general recommendations for next steps to strengthen your organization's cybersecurity defenses.  Fill out our Graham Cyber Blueprint questionnaire HERE.