ABB Struck By Black Basta Ransomware

Uploaded on 2023-05-16 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW

The Swedish-Swiss robotics and automation multinational company ABB has been hit by a Black Basta ransomware attack which has affected business operations across the company.  

On Friday 13th May, ABB confirmed that certain locations and services were impacted by an “IT security incident.” The company works with a large range of customers including Hitachi, Volvo and various governments.

On May 7th, the company fell victim to a cyber attack conducted by the Black Basta ransomware gang. This is the same form of attack used against Capita, the large British-bases outsourcing firm

ABB employs around 105K employees and has $29.4 billion in revenue for 2022. And as part of its services, the company develops industrial control systems (ICS) and SCADA systems for manufacturing and energy suppliers. ABB has a global presence, with operations on every continent. One arm of the company’s extensive business activities develops Industrial Control Systems (ICS). ICS is a critical part of the modern manufacturing system and a great for state-sponsored and financially motivated threat actors.

According to sources, hundreds of computers have been compromised as a result of a ransomware attack on the Windows Active Directory used by ABB. 

According to ABB’s website, it offers cyber security consulting as a service and carries out security assessments through “multiple standard and custom assessments”. It also offers cyber security training and conducts awareness and education programs for employees. 

Black Basta was first observed in April 2022 and is understood to be a rebranding of the infamous Conti ransomware group. 

The Dark Web monitoring platform, DarkFeed report that Black Basta has struck 153 organisations since its strain of malware was first discovered. The group standard method is to use double-extortion tactics to intimidate victims into paying a ransom. Cyber criminals that use this model often publish stolen data in a dripfeed, pressurising victims to succumb to internal and external demands to pay the ransom.

Cyber security researchers have linked Black Basta with the FIN7 cyber crime group to the original Black Basta ransomware exploit in 2022. Amongst others, Black Basta has attacked the American Dental Association, Sobeys, Knauf, and Yellow Pages Canada. 

ABB:   Economic Times:   Bleeping Computer:     CyberNews:   Information Security Buzz:   The Record:  

You Might Also Read: 

Detected - A Hard Matching Vulnerability  Which Enables Azure AD Account Takeover:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« The Philadelphia Inquirer Newspaper Hacked 
Iranian Government Uses Android Malware For Mobile Surveillance »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Rackspace Technology

Rackspace Technology

Rackspace Technology is a leading provider of managed services across all major public and private cloud technologies. Secure your IT environments with powerful cloud security solutions and support.

Team Cymru Research NFP

Team Cymru Research NFP

Team Cymru Research is a group of technologists passionate about making the Internet more secure and dedicated to that goal.

IGEL Technology

IGEL Technology

IGEL Technology is one of the world's leading thin client vendors. Thin clients increase data security and compliance.

BeOne Development

BeOne Development

BeOne Development provide innovative training and learning solutions for information security and compliance.

SecLytics

SecLytics

SecLytics is the leader in Predictive Threat Intelligence. Our SaaS-based Augur platform leverages behavioral profiling and machine learning to hunt down cyber criminals.

Flexential

Flexential

Flexential helps organizations optimize their journey of IT transformation while simultaneously balancing cost, scalability, compliance and security.

Elliptic

Elliptic

Elliptic solve the crucial problem of identity in cryptocurrencies, with the sole purpose of combating suspicious and criminal activity.

Expel

Expel

Expel provide transparent managed security services, 24x7 detection, response and resilience.

Calyptix Security

Calyptix Security

Calyptix Security helps small and medium offices secure their networks so they can raise profits, protect investments, and control technology.

Armenia Startup Academy

Armenia Startup Academy

Armenia Startup Academy is a pre-acceleration program for selected Armenian tech companies and startups in areas including cybersecurity.

GAVS Technologies

GAVS Technologies

GAVS is a global IT services provider with focus on AI-led Managed Services and Digital Transformation.

Police CyberAlarm

Police CyberAlarm

Police CyberAlarm is a free tool to help members understand and monitor malicious cyber activity. This service is made up of two parts; monitoring and vulnerability scanning.

Torq

Torq

Torq's no-code automation modernizes how security & operations teams work with easy workflow building, limitless integrations and numerous pre-built templates.

Chartered Institute of Information Security (CIISec)

Chartered Institute of Information Security (CIISec)

CIISec is dedicated to helping individuals and organisations develop capability and competency in cyber security.

EtherAuthority

EtherAuthority

EtherAuthority's engineering team has been helping blockchain businesses to secure their smart contract based assets since 2018.

SysGroup

SysGroup

SysGroup is an award-winning managed IT services, cloud hosting, and IT consultancy provider.