Swiss tech multinational and U.S. government contractor, ABB, has recently confirmed that it experienced a ransomware attack that compromised some of its systems.
The company disclosed that unauthorized individuals gained access to certain ABB systems, deployed a non-self-propagating form of ransomware, and successfully exfiltrated specific data.
As part of its response, ABB has initiated a comprehensive forensic investigation and is working closely with advisors and law enforcement to mitigate the impact of the attack.
During the cyberattack, the attackers managed to steal data from compromised devices. ABB has assured the public that affected individuals will be promptly notified if their information was impacted during the incident.
The company has taken immediate steps to communicate with affected parties, including customers, suppliers, and individuals whose personally identifiable information was compromised.
ABB has found no evidence to suggest that any customer system has been directly affected by the ransomware attack. Customers have not reported any incidents resulting from the breach.
ABB remains committed to keeping its clients informed and providing support throughout this process.
The recent breach has been contained, allowing essential services and systems to resume normal operations. ABB is actively restoring any remaining affected services and systems.
To enhance network security and protect against future attacks, the company has implemented additional security measures.
ABB fell victim to the Black Basta ransomware attack on May 7th. The incident caused significant disruption to operations, resulting in project delays and impacting its factories.
Although ABB did not explicitly disclose the attackers’ identity, it was independently confirmed that the cyberattack was carried out by the Black Basta ransomware gang, according to an anonymous source familiar with the incident.
The ransomware attack specifically targeted ABB’s Windows Active Directory, affecting numerous Windows systems.
In response, ABB took immediate action by terminating VPN connections with its customers to prevent threat actors from accessing other networks. The company is committed to safeguarding its systems and ensuring the security of its operations.
Black Basta is a Ransomware-as-a-Service (RaaS) operation that emerged in April 2022. The gang quickly gained notoriety for conducting double-extortion attacks against various corporate victims.
Recent reports have linked Black Basta to the financially motivated cybercrime gang FIN7, also known as Carbanak. Notable victims of Black Basta include the American Dental Association, Sobeys, Knauf, Yellow Pages Canada, UK outsourcing company Capita, and most recently, German defense contractor Rheinmetall.
ABB’s swift response to the ransomware attack has allowed it to contain the breach, restore affected systems, and implement additional security measures.
The company’s ongoing investigation, in collaboration with advisors and law enforcement, aims to minimize the impact of the incident. ABB remains committed to transparently communicating with affected parties and providing support as necessary, ensuring the resilience and security of its operations.
Explore the top 5 best Microsoft Intune alternatives, comparing key features, user reviews, and capabilities…
Discover the top 7 smartphones of 2024 with best security features, offering privacy, performance, and…
Discover the top 11 log management tools for efficient system management and monitoring. Learn about…
Explore the top 5 threat intelligence tools, their features, and how they enhance cybersecurity against…
Explore the top 5 best PAM Tools, market trends, and expert insights to secure the…
Explore the top solutions for Apple Device Management including to iOS Device Management and macOS…