Digital Forensics and Incident Response (DFIR)

In addition to ransomware and BEC, the DFIR team also investigated other types of cyber incidents. These included a mix of malware infections, unauthorised access attempts, insider threats, and data breaches that did not fall into the specific categories of ransomware or BEC.

Understanding the breach in its entirety is also crucial for meeting regulatory obligations. Detailed knowledge of the attack helps in reporting to regulatory bodies, fulfilling compliance requirements, and informing stakeholders.

Ransomware attack vector has become increasingly sophisticated, with double and triple extortion tactics becoming more prevalent. Although the operational impact of BEC incidents is generally less severe, the financial consequences can be substantial, especially when payment direction fraud is involved.