[...] The attackers were able to bypass protections provided by HTTPS-based encryption by first using their control of the Fox-IT domain to obtain a new transport layer security certificate. The process happened in the first 10 minutes of the attack, during which time all Fox-IT email was rerouted to the attackers. With that in place, the attackers were able to decrypt all incoming traffic and to cryptographically impersonate the hijacked domain. After intercepting and reading incoming traffic, the attackers forwarded it to Fox-IT in an attempt to prevent company engineers from detecting the attack.

The detailed account underscores just how easily hacks can succeed, even against security-savvy parties with relatively robust practices in place. It wouldn't be surprising to see the same techniques succeed against scores or even hundreds of other companies that use the same industry-standard countermeasures.