A large retailer received an extortion email threatening a denial-of-service attack unless a ransom was paid. They contacted Digital Shadows for assistance. Digital Shadows analyzed the email's IP address, bitcoin address, and unique strings. Within three hours, they reported that the actor did not have the capability to execute the threatened attack. Based on this, the retailer decided not to pay the ransom and was not attacked.
Digital Shadows Helps Large Retailer Navigate Extortion Attempt
U.S. Headquarters Digital Shadows, Inc.
332 Pine Street, Suite 600
San Francisco, CA 94104
North American Intelligence Operations Hub
5307 E. Mockingbird Ln.
Suite 915
Dallas, TX 75206
UK Headquarters Digital Shadows, Ltd.
Level 39
One Canada Square
London E14 5AB
Overview
Our client received an email from a known attack group demanding
a large sum of money to prevent a denial-of-service attack on their
website. If the client failed to pay, the ransom would increase over time.
The threat to business continuity, lost revenue and brand integrity were top
of mind. Without knowing the credibility of the attacker, they could not
make an informed decision about whether to pay the ransom. The client
reached out to Digital Shadows as part of their incident response
process to request additional information on the legitimacy of the attack.
Digital Shadows SearchLight™
What We Did
Risk Detected
The client provided the IP address, Bitcoin address, and unique strings from the extortion email to our
intelligence team, who promptly launched an investigation to assess whether the actor was who they claimed
to be, whether there was evidence of evolved TTPs, and whether the attacker had shown credible
capability in the past to carry out the denial-of-service attack.
Analyst Reviews and Adds Context
Within three hours of receiving the extortion email from the client, we delivered an in-depth report
on the findings of our investigation, stating that, based on the information we had, we did not believe the actor
had the capability to execute the denial-of-service attack they were threatening.
Risk Managed
The full details gave the customer the information they needed to triage the incident and make an
informed decision regarding response. The client decided not to comply with the ransom demand,
and never experienced a denial-of-service attack or future extortion demand.
Retail Use Case
About Digital Shadows
Digital Shadows monitors and manages an
organization’s digital risk across the widest range of data
sources within the visible, deep, and dark web to protect
an organization’s business, brand, and reputation.
www.digitalshadows.com
info@digitalshadows.com
+1-888-889-4143 | +44 203 393 7001
About Digital Shadows
Digital Shadows enables organizations to manage digital risk by identifying and eliminating threats to their business
and brand. We monitor for digital risk across the broadest range of data sources within the open, deep and dark web
to deliver tailored threat intelligence, context and actionable remediation options that enable security teams to be
more effective and efficient. Our clients can focus on growing their core business knowing that they are protected if
their data is exposed, employees and third parties put them at risk, or their brand is being misused. To learn more,
visit www.digitalshadows.com.
Email: info@digitalshadows.com
Why Digital Shadows
Widest Collection of Sources
SearchLight monitors for data exposure across the widest range of sources, within the open, deep and dark web. No stone is left unturned.
Tailored and Targeted Collection
A register of key assets that uniquely define your organization and your subsidiaries drives our intelligence machinery.
Get Started
For more information on Digital Shadows SearchLight™ and how we can help protect your organization from Data Exposure, please contact us.
Visit www.digitalshadows.com for more information
Call us at US 1-800-889-4143, UK +44 (0)203 393 7001
Email info@digitalshadows.com
Analyst Added Context
Digital Shadows intelligence analysts investigate and add context, impact and recommended action.
Asset Registration
Organizations register their company assets with Digital Shadows, including code samples, document markings and email footers.
Explore View
Organizations can view the credential exposure at a strategic level, identifying trends over time.
Mitigation Options
Each incident comes with a severity level and mitigation
options. We also offer a Managed Takedown Service, which
provides end-to-end management for shutting down
malicious activity and offloads this time-consuming task
from your team.
About Digital Shadows
Digital Shadows monitors and manages digital risk across the widest range of data sources
within the open, deep and dark web to protect an organization’s business, brand and
reputation. The Digital Shadows SearchLight™ service combines scalable data analytics with
intelligence analysts to manage and mitigate risks of an organization’s cyber threat, data
exposure, brand exposure, VIP exposure, infrastructure exposure, physical threat, and third
party risk, and create an up-to-the-minute view of an organization’s digital risk with tailored
threat intelligence. The company is jointly headquartered in London and San Francisco.
For more information, visit www.digitalshadows.com.
Data Exposure Example