The Knauf Group ransomware attack took place on June 29, 2022. The incident resulted in emails as well product-ordering software being taken offline, the company said in a series of updates for customers.
As ever, the extent of the compromise was hard to ascertain from the outside, with systems being rapidly shut down in the wake of the attack in a bid to contain its impact: “Many of our systems and email communication are fully functional again, other areas are currently being restarted” it said on July 20, but was still directing customers to rapidly spun up alternative PDF forms for product orders as The Stack published on July 20.
The incident could not have come at a worse time for a construction industry already embattled by supply chain issues and rampant inflation in the wake of the pandemic, which caused raw material shortages for a huge range of construction materials – plasterboard prices were reported as set to soar up to 25% in July '22.
March 25, 2021: REvil Ransomware Shut Down Multiple Plants at Asteelflash
Asteelflash, a leading French electronics manufacturing services company, has suffered a cyberattack by the REvil ransomware gang who is demanding a $24 million ransom. While Asteelflash has not publicly disclosed an attack, BleepingComputer found this week a sample of the REvil ransomware that allowed access to the Tor negotiation page for their cyberattack. LeMagIT, a French cybersecurity news portal, reported an Asteelflash representative stated that "the incident is being evaluated." Neither BleepingComputer nor LeMagIT could confirm whether the attack was successful in encrypting files on affected systems.
The company's press release states: "Asteelflash has detected a cyber security incident during a routine check by its IT teams. We immediately took action to contain the REvil-type ransomware and limit its spread. We have not been in touch with the Hackers" There are no details about the company's intentions regarding the ransom.
March 11, 2022: Parker-Hannifin Hit in Breach
Parker-Hannifin Corporation suffered a data breach March 14, which forced the company to shut down some of its systems while some employees’ personally identifiable information ended up purloined.
Upon learning of this incident, Parker said its IT team immediately activated its incident response protocols, which included shutting down certain systems. Parker then launched an investigation with the assistance of a forensic investigation firm and other third-party cyber security and incident response professionals.
Parker, one of the largest companies in the world in motion control technologies, said it is working with law enforcement authorities. A security researcher called BlackFog said the Conti ransomware group, which has Russian ties, claimed responsibility for the attack back in April.
May 5, 2022: Ransomware Attack at AGCO
Global maker and distributor of agricultural equipment, AGCO said it fell victim to a ransomware attack Thursday that had an impact on its production.
AGCO said it is still investigating the extent of the attack, but it is anticipated its business operations will be adversely affected for several days and potentially longer to fully resume all services depending upon how quickly the company is able to repair its systems. In addition, the company will provide updates as the situation progresses
March 1, 2022: Ransomware Hits Snap-On Tool Maker
American automotive tools manufacturer Snap-on suffered an attack from the Conti ransomware gang.
The attacker started leaking the company’s data in March. Snap-on is a manufacturer and designer of tools, software, and diagnostic services used by the transportation industry through various brands, including Mitchell1, Norbar, Blue-Point, Blackhawk, and Williams.
Snap-on disclosed a data breach Thursday after they detected suspicious activity in their network, which led to them shutting down all of their systems. After conducting an investigation, Snap-on found attackers purloined personal employee data between March 1 and March 3.
February 27, 2022: Tire Manufacturer Bridgestone Hit in Ransomware Attack
One of the largest tire manufacturers in the world, Bridgestone Americas, is working on a recovery after suffering a ransomware attack by the LockBit ransomware gang.
Bridgestone said it started to investigate “a potential information security incident” it detected in the morning hours of February 27. “Out of an abundance of caution, we disconnected many of our manufacturing and retreading facilities in Latin America and North America from our network to contain and prevent any potential impact,” Bridgestone said in a statement.
The ransomware gang said it will leak all data stolen from the company and launched a countdown timer. The LockBit gang claimed the attack by adding Bridgestone Americas to the list of their victims.
March 5, 2022: Samsung Hit in Cyberattack
South Korea-based Samsung suffered a cyberattack over the weekend, but it doesn’t see there being any impact on its business or customers, company officials said Monday.
South American hacking group Lapsus$ said it had stolen 190GB of confidential data, including source code, from the tech giant’s servers. The group also posted snapshots of data online.
Samsung confirmed in a statement there was a security breach, but it said there was no compromise of customer personal information.
“We were recently made aware that there was a security breach relating to certain internal company data. Immediately after discovering the incident, we strengthened our security system,” the company said.
February 23, 2022: Nvidia Suffers Cyberattack
A threat actor leaked Nvidia Corp. employee credentials and some company proprietary information online after the chipmaker’s systems ended up breached in what appears like a ransomware attack.
The Santa Clara, California-based company became aware of the breach on Feb. 23. The company is analyzing the leaked information and does not anticipate any disruption to the company’s business.
A ransomware group under the name “Lapsus$” reportedly claimed to be responsible for the leak and seemingly has information about the schematics, drivers and firmware, among other data, about the graphics chips.
February 19, 2022: Axis Communications Hit in Cyberattack
Axis Communications, a Swedish maker of network cameras and other physical security solutions used by government and private sector organizations globally, suffered a cyberattack earlier this month that disrupted its operations, company officials said.
“On the night between Saturday February 19 and Sunday February 20, Axis was the subject of a cyberattack. Using several combinations of social engineering, attackers were able to sign in as a user despite protective mechanisms such as multi-factor authentication,” company officials said in an advisory posted.
“Inside, the attackers used advanced methods to elevate their access and eventually gain access to directory services."
November 13, 2021: Ransomware Hits Store Fixture Manufacturer
Madix, Inc., a manufacturer of store fixtures with plants in Goodwater and Eclectic, Alabama, was hit with a ransomware attack over Nov. 13-14 that has disabled its computers and halted production, according to sources familiar with the situation.
Employees in Goodwater and Eclectic were sent home Monday with no specified date of return as the company works to resolve the cybersecurity breach.