![]() ![]() ![]() With the rise of Ransomware-as-a-Service and the evolving tactics of ransomware groups, companies must remain vigilant. They must have robust incident response plans in place to mitigate the damage in the event of an attack. Companies must ensure that their systems and networks are secure against potential cyber threats. The need for robust cybersecurity measures is on peak. The ABB ransomware attack highlights the growing threat that ransomware groups pose to companies of all sizes. Recently, the ransomware group attacked Capita, the UK’s largest outsourcing company, and began to leak stolen data. This including those on the American Dental Association, Sobeys, Knauf, and Yellow Pages Canada. Since its launch, the threat actors have been responsible for a stream of attacks. Researchers have also linked the ransomware group to the FIN7 hacking group, a financially motivated cybercrime gang also known as Carbanak. Like other enterprise-targeting ransomware operations, Black Basta created a Linux encryptor to target VMware ESXi virtual machines running on Linux servers. ![]() Black Basta then used Cobalt Strike to gain initial access to the corporate network and spread laterally to other devices. By June 2022, the group partnered with the QBot malware operation (QakBot), which dropped Cobalt Strike on infected devices. It quickly began amassing corporate victims in double-extortion attacks. The Black Basta ransomware group launched its Ransomware-as-a-Service (RaaS) operation in April 2022. Black Basta Ransomware – A Brief Overview ![]() BleepingComputer also contacted ABB about the attack, but the company declined to comment on the situation. The attack disrupted ABB’s operations, affecting projects and factories. In response, ABB terminated VPN connections with its customers to prevent the spread of the ransomware to other networks.īleepingComputer, a cybersecurity news website, independently confirmed the attack from a source familiar with the situation, who asked to remain anonymous. The ransomware attack affected the company’s Windows Active Directory, impacting hundreds of devices. The attack on ABB occurred on May 7, 2022, by the Black Basta cybercrime group that surfaced in April 2022. The company works with many customers and local governments, including Volvo, Hitachi, DS Smith, the City of Nashville, and the City of Zaragoza. The company offers a range of services, including the development of industrial control systems (ICS) and SCADA systems for manufacturing and energy suppliers. Headquartered in Zurich, Switzerland, ABB employs approximately 105,000 employees and has a revenue of $29.4 billion as of 2022. ABB Terminates VPN Connections to Prevent the Spread of Black Basta Ransomware However, the attack reportedly disrupted the company’s operations, causing delays in projects and impacting factories. Army Corps of Engineers and Departments of Interior, Transportation, Energy, and the U.S. ABB has a proven track record of serving a diversity of federal agencies, including the U.S. A statement from the company confirmed the attack and its efforts to contain the incident. It has been the latest victim of a Black Basta Ransomware attack, impacting its business operations. Swiss multinational company ABB, a foremost electrification and automation technology provider. Swiss Multinational ABB Suffers Black Basta Ransomware Attack ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |