Hive Ransomware: Attack Sequence
The course of a ransomware attack using Hive was investigated by the Varonis forensics team during a customer deployment. The attack and the actions of the cyber criminals were documented in this way. First discovered in June 2021, Hive is used as ransomware-as-a-service by cybercriminals to attack healthcare facilities, nonprofits, retailers, utilities, and other industries worldwide. Most commonly, they use common ransomware tactics, techniques, and procedures (TTPs) to compromise victims' devices. Among others, phishing emails with malicious attachments, stolen VPN credentials and vulnerabilities are used to intrude into the targeted systems….