ABB Struck By Black Basta Ransomware

Uploaded on 2023-05-16 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW

The Swedish-Swiss robotics and automation multinational company ABB has been hit by a Black Basta ransomware attack which has affected business operations across the company.  

On Friday 13th May, ABB confirmed that certain locations and services were impacted by an “IT security incident.” The company works with a large range of customers including Hitachi, Volvo and various governments.

On May 7th, the company fell victim to a cyber attack conducted by the Black Basta ransomware gang. This is the same form of attack used against Capita, the large British-bases outsourcing firm

ABB employs around 105K employees and has $29.4 billion in revenue for 2022. And as part of its services, the company develops industrial control systems (ICS) and SCADA systems for manufacturing and energy suppliers. ABB has a global presence, with operations on every continent. One arm of the company’s extensive business activities develops Industrial Control Systems (ICS). ICS is a critical part of the modern manufacturing system and a great for state-sponsored and financially motivated threat actors.

According to sources, hundreds of computers have been compromised as a result of a ransomware attack on the Windows Active Directory used by ABB. 

According to ABB’s website, it offers cyber security consulting as a service and carries out security assessments through “multiple standard and custom assessments”. It also offers cyber security training and conducts awareness and education programs for employees. 

Black Basta was first observed in April 2022 and is understood to be a rebranding of the infamous Conti ransomware group. 

The Dark Web monitoring platform, DarkFeed report that Black Basta has struck 153 organisations since its strain of malware was first discovered. The group standard method is to use double-extortion tactics to intimidate victims into paying a ransom. Cyber criminals that use this model often publish stolen data in a dripfeed, pressurising victims to succumb to internal and external demands to pay the ransom.

Cyber security researchers have linked Black Basta with the FIN7 cyber crime group to the original Black Basta ransomware exploit in 2022. Amongst others, Black Basta has attacked the American Dental Association, Sobeys, Knauf, and Yellow Pages Canada. 

ABB:   Economic Times:   Bleeping Computer:     CyberNews:   Information Security Buzz:   The Record:  

You Might Also Read: 

Detected - A Hard Matching Vulnerability  Which Enables Azure AD Account Takeover:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« The Philadelphia Inquirer Newspaper Hacked 
Iranian Government Uses Android Malware For Mobile Surveillance »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Lakeside Software

Lakeside Software

Lakeside Software is how organizations with large, complex IT environments can finally get visibility across their entire digital estates and see how to do more with less.

Teradata

Teradata

Teradata is a leading provider of enterprise big data analytics and services. Applications include Cyber Security Analytics.

International Conference on Information Systems Security & Privacy (ICISSP)

International Conference on Information Systems Security & Privacy (ICISSP)

The ICISSP event is a meeting point for researchers and practitioners to address security and privacy challenges concerning information systems.

Masergy Communications

Masergy Communications

Masergy delivers hybrid networking, managed security and cloud communication solutions to enterprises around the globe.

Telecom Information Sharing and Analysis Center Japan (T-ISAC Japan)

Telecom Information Sharing and Analysis Center Japan (T-ISAC Japan)

T-ISAC Japan coordinates information sharing and activities related to ISP/telecommunications network security in Japan.

Jetico

Jetico

Jetico provides pure & simple data protection software for all sensitive information throughout the lifecycle. Solutions include data encryption and secure data erasure.

Avast Software

Avast Software

Avast Software is a security software company that develops antivirus software and internet security services.

Georgia Cyber Center

Georgia Cyber Center

Georgia Cyber Center is dedicated to training the next generation of professionals through education and real-world practice while also supporting innovation in new technologies for online defenses.

National Center for Manufacturing Sciences (NCMS)

National Center for Manufacturing Sciences (NCMS)

NCMS is a cross-industry technology development consortium, dedicated to improving the competitiveness of the US industrial base. Strategic initiatives include industrial cyber security.

Irdeto

Irdeto

Irdeto is the world leader in digital platform security, protecting platforms and applications for media & entertainment, gaming, connected transport and IoT connected industries.

Elliptic

Elliptic

Elliptic solve the crucial problem of identity in cryptocurrencies, with the sole purpose of combating suspicious and criminal activity.

Digital Management (DMI)

Digital Management (DMI)

DMI is a provider of mobile enterprise, business intelligence and cybersecurity services.

Corellium

Corellium

Corellium are dedicated to supporting our peers in the ARM community who seek to build more secure, performant, and accessible software and devices.

N2K Networks

N2K Networks

N2K Networks is the world’s first “news to knowledge” network. The news to knowledge network is how you stay at the cutting edge in a rapidly changing world.

JanBask Training

JanBask Training

JanBask Training is a dynamic, highly professional, global online training provider committed to propelling the next generation of technology learners with a whole new way of training experience.

Anzen Technology Systems

Anzen Technology Systems

Anzen create software solutions which allows organisations to utilize the public cloud for sensitive or classified information, whilst increasing data security and retaining data sovereignty.