HHS warns of cyber gang Lapsus$: 5 things to know

HHS on April 7 issued a threat brief detailing the tactics used by cyber criminal group Lapsus$, which recently attacked Microsoft, Samsung and identity management service provider Okta.

Six things to know:

  1. Lapsus$ does not use ransomware, but instead relies on bribery and nonransomware extortion.

  2. The group uses tactics ranging "from simple to moderately complex," according to the report. Some of its common approaches are credential theft; multifactor authentication bypass; social engineering; managed service provider compromise; SIM swapping; accessing employees' email accounts; bribing employees, suppliers or business partners of target organizations for credentials and multifactor authentication approval; and self-injection into companies' ongoing crisis communication calls.

  3. Lapsus$ may be composed of teenagers and young adults, according to the report. Its members speak English, Russian, Turkish, German and Portuguese.

  4. The group usually targets large companies.

  5. Lapsus$ was discovered in April 2020.

Copyright © 2023 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.


Featured Whitepapers

Featured Webinars