Johnson Controls Hit With $51 Million Ransomware Attack

Johnson Controls suffered a ransomware attack over the weekend that encrypted devices and caused outages. The ransom demand is reportedly $51 million.
The attack impacted subsidiaries like York, Simplex, and Ruskin, causing customer service disruptions.
The ransomware has been identified as Dark Angels, which encrypts ESXi servers and steals data.
Dark Angels launched in May 2022 and threatens to leak stolen data if ransom isn't paid.
Johnson Controls has confirmed the incident and is investigating with help from cybersecurity experts and insurers.

bleepingcomputer.com

Relevant topic timeline:

8/28/2023

International ransomware gangs are evolving their techniques. The next generation of hackers will target weaknesses in cryptocurrencies

Ransomware attacks are becoming increasingly common and sophisticated, with the average ransom payment rising to $1.5 million in the past year, according to a survey by Sophos, while attacks on city governments and police forces often go unnoticed; researchers are now focusing on the next generation of ransomware that may exploit vulnerabilities in cryptocurrencies, such as the proof-of-stake consensus mechanism used in Ethereum, which could be targeted for extortion.

9/12/2023

MGM Resorts Hit by Major Technical Outage, FBI Investigating Possible Cyberattack

MGM Resorts International is experiencing a cybersecurity issue that could potentially be a ransomware attack, resulting in loss of money and damage to the company's reputation, but it is yet to be confirmed.

9/14/2023

MGM Hit by BlackCat Ransomware Linked to Scattered Spider Hackers Known for Bypassing MFA

Affiliate of the BlackCat ransomware group, Scattered Spider, claims responsibility for breaching MGM Resorts' infrastructure, stealing data, and deploying ransomware, demanding a $30 million ransom.

9/28/2023

DHS Probes if Sensitive Data Exposed in Johnson Controls Ransomware Attack

The Department of Homeland Security is investigating whether a ransomware attack on government contractor Johnson Controls International has compromised sensitive physical security information, including DHS floor plans.

10/6/2023

MGM Reports Over $100 Million in Damages from Costly Cyberattack

The recent data breach at MGM Resorts is projected to cost the casino giant over $100 million, making it potentially the most expensive ransomware attack on record.

10/7/2023

MGM Hit By Hackers, Didn't Pay Ransom; Restores Systems After Data Breach

MGM Resorts International did not pay the ransomware attackers who breached its systems, resulting in the shutdown of hotels and casinos, with customer data including personal information potentially compromised, although no passwords, bank account numbers, or card details were believed to have been stolen.

10/12/2023

Ransomware Remains Top Cyber Threat; CISOs Voice Concerns Over AI Risks and Skills Gaps

More than half of organizations are paying over $100,000 in ransomware attacks, with 83% admitting to paying the ransom directly to the hackers, according to a Splunk study, which also revealed concerns about the potential for generative AI to facilitate attacks.

Topics

Posted 9/27/2023, 7:48:53 PM