Ransomware Attack on SOA Architecture by 8Base Group

Attack Overview

SOA Architecture, a Missouri-based architectural firm, has recently fallen victim to a ransomware attack orchestrated by the notorious cybercriminal group, 8Base. The attack was disclosed through 8Base's dark web leak site, indicating a potential breach of sensitive data including financial documents, employee contracts, and personal files.

Company Profile

Founded in 1987, SOA Architecture specializes in integrated design solutions across various sectors such as education, healthcare, and corporate environments. The firm is recognized for its commitment to sustainable design and early adoption of Building Information Modeling (BIM) technologies. With a reported revenue of $4 million in 2023 and a workforce of approximately 15-50 employees, SOA Architecture is a notable player in the mid-Missouri architectural landscape.

Vulnerabilities and Target Profile

The size and industry of SOA Architecture make it a typical target for groups like 8Base, which predominantly attacks small to medium-sized businesses. The firm's reliance on digital technologies such as BIM, coupled with the sensitive nature of architectural data, increases its attractiveness and vulnerability to cybercriminals seeking valuable data for extortion.

Ransomware Group Details

8Base has been active since early 2022, gaining notoriety for its aggressive double-extortion tactics. This group is known for encrypting victim's data and threatening to release it publicly if their ransom demands are not met. The use of Phobos ransomware, customized with a ".8base" file extension, is a hallmark of their operations.

Sources

• SOA Architecture Official Website
• RocketReach - SOA Architecture Profile
• HHS.gov - 8Base Ransomware Analyst Note
• SOCRadar - Dark Web Profile of 8Base Ransomware