ABB encounters ransomware assault: sensitive data reportedly exfiltrated
Swiss industrial powerhouse endures cyber attack: operations maintain continuity despite malware intrusion on select systems. No evidence of customer systems being impacted
In a recent announcement, ABB, the Switzerland-based industrial behemoth, verified its encounter with a ransomware assault. The culprits were reported to have extracted some sensitive information during the cyber attack.
The organization circulated an official statement and a set of Frequently Asked Questions (FAQs) elaborating on the security breach. However, many particulars, including indicators of compromise (IoCs), remain undisclosed because of the ongoing criminal investigation.
The statement from ABB acknowledges unauthorized entry of a third party into specific ABB systems, deployment of a non-self-replicating ransomware variant, and subsequent exfiltration of certain data. In the wake of these events, ABB is now rigorously assessing the extent and nature of the compromised data, and is determining the need and degree of external communication regarding the incident.
The malware was reportedly launched on a restricted number of servers and endpoints. According to the company's statement, it was deployed manually and lacked the capability to spread automatically through email or within the local network.
Despite the attack, ABB has maintained operational continuity. All essential services and systems of the company remain functional, the manufacturing facilities continue to operate, and customer service remains uninterrupted. The firm also mentioned its ongoing efforts to reinstate any services and systems still under the impact of the assault, while simultaneously augmenting its cybersecurity measures.
In confidential correspondence with clients, ABB assured them that its internal forensic analysis had not found any signs of customer systems being directly affected. Moreover, there have been no warnings suggesting that connecting to ABB systems could pose a risk.
The news outlet Bleeping Computer was the first to report that ABB had been targeted by the cybercriminal group known as Black Basta. The assertion was independently verified by Kevin Beaumont, a well-respected figure in the cybersecurity research domain.
05/27/2023 18:00
Editorial AI