Se ha conocido recientemente que el pasado 7 of May of 2023, la multinacional con sede en Zúrich y más de 105 000 empleados fue víctima de un ciberataque ejecutado por el grupo de ransomware Black Basta. El ataque se centró en el Active Directory de Windows de la empresa, affecting hundreds of devices and causing interruptions in the company's operations and factories.

To prevent the spread of ransomware to customer and partner networks, ABB proceeded to cut all affected VPN connections. Although it initially treated the incident as a 'cybersecurity situation', the company later confirmed that it was a ransomware attack that also involved data exfiltration.

According to ABB, most of its systems and factories have already resumed their activity, and no signs of compromises in third-party networks have been detected. However, the company acknowledged that a certain volume of data was stolen during the attack, although it has not been clarified how much information was compromised.

Since its appearance in April 2022, Black Basta has established a RaaS-type operation (ransomware-as-a-service), targeting critical sectors and large corporations. Linked to the Conti/FIN7 group, it has already affected more than 329 Organizations, raising tens of millions of dollars in ransoms. The ABB case joins the growing list of victims in Europe and the United States.

Fountain: Digital Shield

Image Auledas, CC BY-SA 4.0, via Wikimedia Commons


Leave a Reply

Your email address will not be published. Required fields are marked *

More news
A
Read more »
A researcher manages to hack some concert tickets using AI
Read more »
Una nueva campaña de phishing suplanta a ChatGPT
Read more »
Nintendo suffers a data breach through a supplier
Read more »
Trying to make fun of a scammer is not a very good idea
Read more »