In recent news, the Dark Angels ransomware gang has targeted Johnson Controls International (JCI) and its subsidiary brands. This cyberattack has impacted JCI’s Asian offices and spread to brands like York, Tyco, Luxaire, Coleman, Ruskin, Grinnell, and Simplex. JCI, a well-known manufacturer of industrial equipment, is currently investigating the extent of the attack and its impact on its network. More details will be provided in the coming week.
Due to the attack, a portion of JCI’s systems is offline, and the company is working to mitigate the associated risks. Customers of York have expressed their frustration on Twitter as they are unable to access the status of their HVAC equipment and processing systems. The Dark Angels ransomware group is known for demanding large ransoms, with a minimum of $51 million. They are also known for offering a VMware ESXi encryptor, sourced from other ransomware variants.
In the case of Johnson Controls, it is reported that the Dark Angels group has exfiltrated around 27 terabytes of corporate data. This sets the stage for a potential double extortion attack in the future. JCI has acknowledged this breach in its filing with the SEC and is working with its cyber insurance provider and experts to address the situation. The company’s response to the hackers’ demands is still uncertain, but it has warned customers of possible downtime for certain applications.
Key points:
1. The Dark Angels ransomware gang has targeted Johnson Controls International and its subsidiary brands.
2. The cyberattack has impacted JCI’s Asian offices and spread to several brands, including York, Tyco, and Luxaire.
3. JCI is investigating the attack’s impact and working to mitigate risks.
4. The Dark Angels group is known for demanding large ransoms and offering a VMware ESXi encryptor.
5. Around 27 terabytes of corporate data have been exfiltrated, setting the stage for a potential double extortion attack.
6. JCI has disclosed the breach and is collaborating with its cyber insurance provider and experts to address the situation.
7. The company’s response to the hackers’ demands is still uncertain, but customers may experience downtime for certain applications.