US Government Contractors Fall Victim To Ransomware Attack

Tyler Cross
Tyler Cross Senior Writer
Tyler Cross Tyler Cross Senior Writer

ABB, the government Swiss tech multinational contractor, was the victim of a ransomware attack at the hands of the Black Basta hacker group.

At first, reports made by the company described it as an “IT incident,” however they’ve now confirmed it was a cyber attack resulting in sensitive data being stolen — still, the investigation is in its preliminary stages so the full scope of what has been stolen and from who is still unknown.

“ABB will communicate with affected parties where necessary, including, for example, specific customers, suppliers, and/or individuals where personally identifiable information was affected,” the company stated in a notification it sent out to those victimized by the attack.

“To date, the forensic investigation has identified no evidence that any customer system has been directly impacted, and no customer has reported that this has occurred,” it said. On top of that, ABB managed to close the breach.

“All of ABB’s key services and systems are up and running, all factories are operating, and the company continues to serve its customers,” ABB added.

ABB officials are also improving their security, continuing to work on fixing impacted systems, and patching vulnerabilities that led to the attack.

Insiders at BleepingComputer confirmed that the attack was carried out by Black Basta hacker group — criminals who offer ransomware-as-a-service (RaaS) attacks. Since their appearance in April 2022, they’ve been responsible for a multitude of large-scale ransomware attacks, targeting major companies and government contracting groups.

Since their discovery, they’ve launched attacks on German defense contractor Rheinmetall, and other companies like Knauf, Yellow Pages Canada, The American Dental Association, and more. Their cross-platform ransomware is written in C++ and has even been observed to target virtual machines running Linux.

“We are continuing to cooperate with various law enforcement and governmental entities and third parties related to the incident,” ABB said. “Our investigation remains ongoing.”

About the Author
Tyler Cross
Tyler Cross
Senior Writer

About the Author

Tyler is a writer at SafetyDetectives with a passion for researching all things tech and cybersecurity. Prior to joining the SafetyDetectives team, he worked with cybersecurity products hands-on for more than five years, including password managers, antiviruses, and VPNs and learned everything about their use cases and function. When he isn't working as a "SafetyDetective", he enjoys studying history, researching investment opportunities, writing novels, and playing Dungeons and Dragons with friends."