Chapter
Cyberattack on the US Department of Defense
34:19 - 40:36 (06:17)
A cyberattack on the US Department of Defense involved a threat actor using a server and a company's network to scan the department's servers for open file sharing connections, followed by a new malware and tools installation that linked to a different command and control server.
Clips
The process of investigating an infected computer after an attack is akin to the scene from Mr.
34:19 - 35:54 (01:35)
Summary
The process of investigating an infected computer after an attack is akin to the scene from Mr. Robot, where Elliot looks into a server directory containing malware files. It is necessary to be sure whether to remove the malware or leave it untouched.
ChapterCyberattack on the US Department of Defense
Episode103: Cloud Hopper
PodcastDarknet Diaries
A NetBIOS scanner was used to scan a network and find servers with shared network drives, which could be accessed to view files.
35:54 - 37:34 (01:40)
Summary
A NetBIOS scanner was used to scan a network and find servers with shared network drives, which could be accessed to view files. The scanner was used to target the US Department of Defense, with 19 of the public IP ranges belonging to the department being scanned.
ChapterCyberattack on the US Department of Defense
Episode103: Cloud Hopper
PodcastDarknet Diaries
After an initial infection, a threat actor gained access to a company's domain controller, giving them full admin access over the network and leaving the business at their mercy.
37:34 - 40:36 (03:01)
Summary
After an initial infection, a threat actor gained access to a company's domain controller, giving them full admin access over the network and leaving the business at their mercy.