CarderPlanet
Professional
Will the building hardware vendor meet the ransomware requirements?
The American corporation Johnson Controls International, specializing in the production of heating, ventilation and air conditioning systems, as well as security systems for buildings, was subjected to a cyber attack using ransomware.
The organization has approximately 100,000 employees worldwide, working in its offices and subsidiaries, including York, Tyco, Luxaire, Coleman, Ruskin, Grinnell and Simplex.
The attackers gained access to the company's databases last weekend (approximately September 23-24), attacking primarily the Asian divisions. The virus encrypted data on VMware ESXi VMs. According to the hackers themselves, they managed to steal 27 terabytes of corporate information.
The ransom for restoring access to files will be $ 51 million.
Experts suggest that the campaign involves the hacker group Dark Angels, which specializes in ransomware attacks.
Initially, the attackers used cryptographers for Windows and VMware ESXi, created on the basis of the source code of the Babuk ransomware virus, which leaked to the network long ago.
However, a cybersecurity specialist from the MalwareHunterTeam community claims that the Linux cryptographer used in the attack on Johnson Controls is identical to those used by the hacker group Ragnar Locker from 2021.
Johnson Controls launched an investigation involving leading cybersecurity experts. To stop the spread of the virus, a number of internal systems had to be turned off. However, most applications continue to function normally.
Despite the prompt response, the incident may affect the timing of publication of financial statements. The exact extent of the damage remains to be assessed.
The American corporation Johnson Controls International, specializing in the production of heating, ventilation and air conditioning systems, as well as security systems for buildings, was subjected to a cyber attack using ransomware.
The organization has approximately 100,000 employees worldwide, working in its offices and subsidiaries, including York, Tyco, Luxaire, Coleman, Ruskin, Grinnell and Simplex.
The attackers gained access to the company's databases last weekend (approximately September 23-24), attacking primarily the Asian divisions. The virus encrypted data on VMware ESXi VMs. According to the hackers themselves, they managed to steal 27 terabytes of corporate information.
The ransom for restoring access to files will be $ 51 million.
Experts suggest that the campaign involves the hacker group Dark Angels, which specializes in ransomware attacks.
Initially, the attackers used cryptographers for Windows and VMware ESXi, created on the basis of the source code of the Babuk ransomware virus, which leaked to the network long ago.
However, a cybersecurity specialist from the MalwareHunterTeam community claims that the Linux cryptographer used in the attack on Johnson Controls is identical to those used by the hacker group Ragnar Locker from 2021.
Johnson Controls launched an investigation involving leading cybersecurity experts. To stop the spread of the virus, a number of internal systems had to be turned off. However, most applications continue to function normally.
Despite the prompt response, the incident may affect the timing of publication of financial statements. The exact extent of the damage remains to be assessed.
