ABB Struck By Black Basta Ransomware

Uploaded on 2023-05-16 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW

The Swedish-Swiss robotics and automation multinational company ABB has been hit by a Black Basta ransomware attack which has affected business operations across the company.  

On Friday 13th May, ABB confirmed that certain locations and services were impacted by an “IT security incident.” The company works with a large range of customers including Hitachi, Volvo and various governments.

On May 7th, the company fell victim to a cyber attack conducted by the Black Basta ransomware gang. This is the same form of attack used against Capita, the large British-bases outsourcing firm

ABB employs around 105K employees and has $29.4 billion in revenue for 2022. And as part of its services, the company develops industrial control systems (ICS) and SCADA systems for manufacturing and energy suppliers. ABB has a global presence, with operations on every continent. One arm of the company’s extensive business activities develops Industrial Control Systems (ICS). ICS is a critical part of the modern manufacturing system and a great for state-sponsored and financially motivated threat actors.

According to sources, hundreds of computers have been compromised as a result of a ransomware attack on the Windows Active Directory used by ABB. 

According to ABB’s website, it offers cyber security consulting as a service and carries out security assessments through “multiple standard and custom assessments”. It also offers cyber security training and conducts awareness and education programs for employees. 

Black Basta was first observed in April 2022 and is understood to be a rebranding of the infamous Conti ransomware group. 

The Dark Web monitoring platform, DarkFeed report that Black Basta has struck 153 organisations since its strain of malware was first discovered. The group standard method is to use double-extortion tactics to intimidate victims into paying a ransom. Cyber criminals that use this model often publish stolen data in a dripfeed, pressurising victims to succumb to internal and external demands to pay the ransom.

Cyber security researchers have linked Black Basta with the FIN7 cyber crime group to the original Black Basta ransomware exploit in 2022. Amongst others, Black Basta has attacked the American Dental Association, Sobeys, Knauf, and Yellow Pages Canada. 

ABB:   Economic Times:   Bleeping Computer:     CyberNews:   Information Security Buzz:   The Record:  

You Might Also Read: 

Detected - A Hard Matching Vulnerability  Which Enables Azure AD Account Takeover:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« The Philadelphia Inquirer Newspaper Hacked 
Iranian Government Uses Android Malware For Mobile Surveillance »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Thycotic

Thycotic

Thycotic prevents cyber attacks by securing passwords, protecting endpoints and controlling application access.

CERT.hr

CERT.hr

CERT.hr is the national authority competent for prevention and protection from computer threats to public information systems in the Republic of Croatia.

Data61

Data61

Data61 is Australia’s leading digital research network offering the research capabilities, IP and collaboration programs to unleash the country’s digital & data-driven potential.

Information and Communication Technology Authority (ICT Authority) - Kenya

Information and Communication Technology Authority (ICT Authority) - Kenya

The ICT Authority is responsible for enforcing ICT standards in Government and ensuring information security.

Red Alert Labs

Red Alert Labs

Red Alert Labs is an IoT security provider. We created an independent security lab with a disruptive business offer to solve the technical and commercial challenges in IoT.

Etonwood

Etonwood

Etonwood specialises in infrastructure and vendor technology recruitment in areas including cloud platforms, cyber security and service management.

Riskaware

Riskaware

CyberAware, by Riskaware, provides business-critical cyber attack analysis and impact assessments using NIST standards aligned with NCSC guidance.

Enzoic

Enzoic

Enzoic is an enterprise-focused cybersecurity company committed to preventing account takeover and fraud through compromised credential detection.

NARIS

NARIS

NARIS is the leading provider of an integrated Governance, Risk and Compliance platform called NARIS GRC.

Yogosha

Yogosha

Yogosha is a crowdsourced cybersecurity platform enabling a win-win collaboration with the most talented hackers to detect and fix vulnerabilities on your most critical systems.

SpireTec Solutions

SpireTec Solutions

SpireTec Solutions is an IT management training company offering 1500+ courses with state of art training facilities backed by a team of industry experts in various domains including cybersecurity.

Buguard

Buguard

Buguard is a multi-award-winning supplier of Application Security Assessments and GRC services.

GISEC Global

GISEC Global

GISEC Global provides vendors and companies from around the world with access to lucrative opportunity to capitalize on what's set to become one of the world's booming markets.

Diversified Technical Services Inc. (DTSI)

Diversified Technical Services Inc. (DTSI)

DTSI provides a wide range of technology solutions for Federal Agencies, the Department of Defense, and commerical organizations with capabilities including Cyber Security and DevSecOps.

Alchemy Security Consulting

Alchemy Security Consulting

Alchemy Security Consulting specialise in offensive and defensive cyber security. We find the weak link in your security so you can patch it up fast and avoid being hacked.

Softsource vBridge

Softsource vBridge

Softsource vBridge are an ICT systems integrator providing specialist technology solutions, professional services, technical expertise and data centre services.