Johnson Controls recently suffered a large-scale cyberattack on their systems from a ransomware group calling themselves The Dark Angel ransomware group.
“We are currently experiencing IT outages that may limit some customer applications,” writes the Simplex website.
“(This) has caused, and is expected to continue to cause, disruption to parts of the company’s business operations,” Johnson Controls states. However, they also clarify that “to date, many of the Company’s applications are largely unaffected and remain operational.”
The company, which is a multinational conglomerate that secures fire safety equipment, air conditioners, security equipment, and industrial control systems, is now being held ransom to the tune of $51 million USD. Hackers claim to have stolen 27 TB worth of data.
Over the weekend its systems were encrypted by the notorious gang, leading to Johnson Controls immediately filing an SEC report.
While there aren’t many public details, the severity of the hack has led to Johnson Controls meeting with cybersecurity experts, working with insurance, and contacting the authorities.
“We are actively mitigating any potential impacts to our services and will remain in communication with customers as these outages are resolved,” they said.
The Dark Angel hacker group has been operating since May 2022, using decryption tools first used by the Ragnar Locker group back in 2021. However, this is the group’s first time targeting such a large-scale conglomerate.
In this case, they’ve threatened to release the information on a hacker forum they created known as Dunghill Leaks.
With the MOVEit file transfer breach still shaking the world, multiple government authorities including the FBI and CISA will most likely get involved. This means intense investigations will be coming into the Dark Angel group.
However, at this time the hackers remain at large — in fact, they were threatening Johnson Controls not to get the authorities involved.