{"id":51858,"date":"2023-05-11T14:58:31","date_gmt":"2023-05-11T14:58:31","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/34603\/Ransomware-Attack-Gets-Personal-For-Dragos-Chief.html"},"modified":"2023-05-11T14:58:31","modified_gmt":"2023-05-11T14:58:31","slug":"ransomware-attack-gets-personal-for-dragos-chief","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/ransomware-attack-gets-personal-for-dragos-chief\/","title":{"rendered":"Ransomware Attack Gets Personal For Dragos Chief"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2023\/04\/041723_ransomware.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>An attempted ransomware bid got personal this week for Dragos CEO Robert M. Lee when would-be extortionists, desperate to secure a payday, resorted to phoning his wife and 5-year-old son.<\/p>\n<p>Lee and his company are known in industrial security circles for helping businesses in critical infrastructure mitigate cyberattacks. But the firm found itself on the receiving end of an extortion attempt after threat actors gained access to Dragos\u2019 Sharepoint environment and contract management system.<\/p>\n<p>Hackers claim they exfiltrated 130GB of data, including details of at least one government contract, but Dragos says internal systems, including the Dragos platform, were not impacted due to effective role-based access controls (RBAC). The company&#8217;s was not encrypted by the attackers, and it has not paid a ransom.<\/p>\n<p>In the past, Lee has advised openness and transparency to destigmatize security incidents and on Wednesday Dragos stuck to that playbook, <a href=\"https:\/\/www.dragos.com\/blog\/deconstructing-a-cybersecurity-event\/\" target=\"_blank\" rel=\"noreferrer noopener\">posting a detailed account<\/a> of its own breach.<\/p>\n<p>The incident began on Monday when an unnamed \u201cknown criminal group\u201d gained access to select Dragos&#8217; systems by compromising the personal email address of a new sales employee prior to their start date.<\/p>\n<p>The group then impersonated the new employee and completed initial steps in the company\u2019s onboarding process. The activity was eventually flagged in an alert from their Security Information &amp; Event Management, and the compromised account was blocked.<\/p>\n<p>The company then contacted detection and incident response providers for a larger investigation.<\/p>\n<p>\u201cWe are confident that our layered security controls prevented the threat actor from accomplishing what we believe to be their primary objective of launching ransomware,\u201d the blog stated. \u201cThey were also prevented from accomplishing lateral movement, escalating privileges, establishing persistent access, or making any changes to the infrastructure.\u201d<\/p>\n<p>Dragos published a <a href=\"https:\/\/www.dragos.com\/wp-content\/uploads\/2023\/05\/2023-05-09_Event-Timeline-1-1-1024x982.png\" target=\"_blank\" rel=\"noreferrer noopener\">timeline<\/a> of the incident showing that while the group was able to access the company\u2019s SharePoint platform and contract management system, RBAC defeated their attempts to access other systems, including Dragos\u2019 messaging, IT helpdesk, financial, request for proposal (RFP), employee recognition, and marketing systems.<\/p>\n<h2>From ransomware attempt to extortion threats<\/h2>\n<p>Eleven hours after the initial breach, and having failed to deploy ransomware, the group switched to attempting to extort the company by reaching out to its executives, threatening to publicly disclosure the incident.<\/p>\n<p>Lee <a href=\"https:\/\/www.bloomberg.com\/news\/articles\/2023-05-10\/hackers-contacted-cyber-ceo-s-son-wife-in-extortion-attempt\" target=\"_blank\" rel=\"noreferrer noopener\">told Bloomberg<\/a> the hackers called his 5-year-old son on a phone the child used to communicate with his grandmother. The boy handed the phone to his mother, who hung up. The hackers called Lee\u2019s wife in a separate call, he said.<\/p>\n<p>\u201cThe criminals obviously grew frustrated because we never attempted to contact them. Paying was never an option,\u201d Lee wrote on <a href=\"https:\/\/twitter.com\/RobertMLee\/status\/1656388349198835712\" target=\"_blank\" rel=\"noreferrer noopener\">Twitter<\/a>.<\/p>\n<p>\u201cThey continued to call me, threaten my family, and the family of many of our employees by their names.\u201d<\/p>\n<p>Dragos\u2019 post includes screenshots of WhatsApp messages sent to the executives which included references to REvil\u2019s 2021 ransomware attack on Kaseya, when it was <a href=\"https:\/\/www.scmagazine.com\/analysis\/ransomware\/langevin-to-fbi-helping-victims-takes-precedence-over-disrupting-ransomware-groups\" target=\"_blank\" rel=\"noreferrer noopener\">reported<\/a> the FBI had access to the group\u2019s encryption key for nearly three weeks before handing it over to Kaseya.<\/p>\n<p>\u201c[The FBI] don\u2019t care about you or your organization. Be like the hundreds of companies who\u2019ve deal [sic] with us appropriately,\u201d one of the WhatsApp messages said.<\/p>\n<h2>The aftermath of the attack<\/h2>\n<p>Dragos said while its analysts and investigators believe the event was contained, an investigation is ongoing.<\/p>\n<p>\u201cThe data that was lost and likely to be made public because we chose not to pay the extortion is regrettable. However, it is our hope that highlighting the methods of the adversary will help others consider additional defenses against these approaches so that they do not become a victim to similar efforts.\u201d<\/p>\n<p>Bloomberg said it contacted a hacker via Telegram who claimed credit for the attack and described it as opportunistic. The hacker denied contacting Lee\u2019s son but acknowledged reaching out to his wife and said 130GB of files had been stolen from the company.<\/p>\n<p>\u201cThe hacker provided Bloomberg with a copy of a contract between Dragos and the 67th Cyberspace Wing of the U.S. Air Force outlining a research and development agreement. The six-page document outlines an agreement for Dragos to receive network information regarding the Department of Defense\u2019s industrial control system environment.\u201d<\/p>\n<p>Lee confirmed to Bloomberg that the contract was legitimate.<\/p>\n<p>Online malware repository VX-Underground <a href=\"https:\/\/twitter.com\/vxunderground\/status\/1656330306616705026\" target=\"_blank\" rel=\"noreferrer noopener\">posted on Twitter<\/a> a screenshot of a Telegram channel that appeared to be operated by an actor involved in the attack. The actor denied there was any intention to deploy encryption malware and accused Dragos of attempting to downplay the incident.<\/p>\n<p>Dragos said it had added an additional verification step to harden its onboarding process to ensure the technique could not be repeated.<\/p>\n<p>\u201cEvery thwarted access attempt was due to multi-step access approval. We are evaluating expanding the use of this additional control based on system criticality. Positive outcomes further reinforce our resolve to not engage or negotiate with cybercriminals. Verbose system activity logs enabled the rapid triage and containment of this security event,\u201d the company wrote.<\/p>\n<p>Lee said on <a rel=\"noreferrer noopener\" href=\"https:\/\/twitter.com\/RobertMLee\/status\/1656390902732947458\" target=\"_blank\">Twitter<\/a> the new staff member whose personal email address was compromised \u201cwill absolutely be one of our valued employees (when they get their accounts back). We don\u2019t blame victims at Dragos and no one else should either.\u201d<\/p>\n<p>READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/34603\/Ransomware-Attack-Gets-Personal-For-Dragos-Chief.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":51859,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[277],"tags":[10509],"class_list":["post-51858","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-blogs","tag-headlinehackergovernmentmalwarecybercrimecryptography"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v28.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Ransomware Attack Gets Personal For Dragos Chief 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/ransomware-attack-gets-personal-for-dragos-chief\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Ransomware Attack Gets Personal For Dragos Chief 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/ransomware-attack-gets-personal-for-dragos-chief\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2023-05-11T14:58:31+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2023\/04\/041723_ransomware.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ransomware-attack-gets-personal-for-dragos-chief\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ransomware-attack-gets-personal-for-dragos-chief\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Ransomware Attack Gets Personal For Dragos Chief\",\"datePublished\":\"2023-05-11T14:58:31+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ransomware-attack-gets-personal-for-dragos-chief\\\/\"},\"wordCount\":879,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ransomware-attack-gets-personal-for-dragos-chief\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/05\\\/ransomware-attack-gets-personal-for-dragos-chief.jpg\",\"keywords\":[\"headline,hacker,government,malware,cybercrime,cryptography\"],\"articleSection\":[\"CyberSecurity Blogs\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ransomware-attack-gets-personal-for-dragos-chief\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ransomware-attack-gets-personal-for-dragos-chief\\\/\",\"name\":\"Ransomware Attack Gets Personal For Dragos Chief 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ransomware-attack-gets-personal-for-dragos-chief\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ransomware-attack-gets-personal-for-dragos-chief\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/05\\\/ransomware-attack-gets-personal-for-dragos-chief.jpg\",\"datePublished\":\"2023-05-11T14:58:31+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ransomware-attack-gets-personal-for-dragos-chief\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ransomware-attack-gets-personal-for-dragos-chief\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ransomware-attack-gets-personal-for-dragos-chief\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/05\\\/ransomware-attack-gets-personal-for-dragos-chief.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/05\\\/ransomware-attack-gets-personal-for-dragos-chief.jpg\",\"width\":1280,\"height\":800},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ransomware-attack-gets-personal-for-dragos-chief\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,hacker,government,malware,cybercrime,cryptography\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinehackergovernmentmalwarecybercrimecryptography\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Ransomware Attack Gets Personal For Dragos Chief\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Ransomware Attack Gets Personal For Dragos Chief 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/ransomware-attack-gets-personal-for-dragos-chief\/","og_locale":"en_US","og_type":"article","og_title":"Ransomware Attack Gets Personal For Dragos Chief 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/ransomware-attack-gets-personal-for-dragos-chief\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2023-05-11T14:58:31+00:00","og_image":[{"url":"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2023\/04\/041723_ransomware.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/ransomware-attack-gets-personal-for-dragos-chief\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/ransomware-attack-gets-personal-for-dragos-chief\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Ransomware Attack Gets Personal For Dragos Chief","datePublished":"2023-05-11T14:58:31+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/ransomware-attack-gets-personal-for-dragos-chief\/"},"wordCount":879,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/ransomware-attack-gets-personal-for-dragos-chief\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/05\/ransomware-attack-gets-personal-for-dragos-chief.jpg","keywords":["headline,hacker,government,malware,cybercrime,cryptography"],"articleSection":["CyberSecurity Blogs"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/ransomware-attack-gets-personal-for-dragos-chief\/","url":"https:\/\/www.threatshub.org\/blog\/ransomware-attack-gets-personal-for-dragos-chief\/","name":"Ransomware Attack Gets Personal For Dragos Chief 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/ransomware-attack-gets-personal-for-dragos-chief\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/ransomware-attack-gets-personal-for-dragos-chief\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/05\/ransomware-attack-gets-personal-for-dragos-chief.jpg","datePublished":"2023-05-11T14:58:31+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/ransomware-attack-gets-personal-for-dragos-chief\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/ransomware-attack-gets-personal-for-dragos-chief\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/ransomware-attack-gets-personal-for-dragos-chief\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/05\/ransomware-attack-gets-personal-for-dragos-chief.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/05\/ransomware-attack-gets-personal-for-dragos-chief.jpg","width":1280,"height":800},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/ransomware-attack-gets-personal-for-dragos-chief\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,hacker,government,malware,cybercrime,cryptography","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackergovernmentmalwarecybercrimecryptography\/"},{"@type":"ListItem","position":3,"name":"Ransomware Attack Gets Personal For Dragos Chief"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/51858","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=51858"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/51858\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/51859"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=51858"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=51858"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=51858"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}