Abyss attacks Brockhouse Group
Incident Date:
July 18, 2023
Overview
Title
Abyss attacks Brockhouse Group
Victim
Brockhouse Group
Attacker
Abyss
Location
First Reported
July 18, 2023
The Abyss Ransomware Gang's Attack on Brockhouse Group
The Abyss ransomware gang has attacked the Brockhouse Group. The Brockhouse Group is a West Midlands-based company that specializes in supplying closed die hammer and upset forgings to various industries. Their product range includes forgings weighing from 0.5 kg to 400 kg, catering to sectors such as mining, oil & gas, railways, nuclear, automotive, off-highway, defense, fluid power, materials handling, and more. With a strong global presence, Brockhouse serves a wide network of clients across different countries. Their track record in exporting professional and quality forgings has earned them a reputation as a reliable supplier in the international market.
The company has significantly invested in its manufacturing site to create a comprehensive solution for customers' needs. This includes forging, machining, and assembly capabilities, offering a one-stop-shop approach for their clients.
Abyss's Claim and Strategy
Abyss posted the Brockhouse Group to its data leak site on July 18th, claiming to have stolen 35GB of organizational data. The Abyss ransomware gang is a well-known cybercriminal group actively deploying ransomware attacks against organizations worldwide. Employing sophisticated tactics, they encrypt victims' data and demand ransom payments in exchange for decryption keys. What distinguishes them is their use of a "double extortion" strategy, where they not only encrypt data but also exfiltrate sensitive information. This stolen data is threatened to be leaked or sold on the dark web if the ransom demand is not met, adding extra pressure on victims to comply.
Their targets encompass a wide range of industries, including corporations, government entities, educational institutions, and healthcare providers. Abyss is so prolific that several businesses offer decryption services for the Abyss Locker ransomware, although it's unclear how effective those services are.
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.