alphv attacks Brookson One
Incident Date:
January 18, 2022
Overview
Title
alphv attacks Brookson One
Victim
Brookson One
Attacker
Alphv
Location
First Reported
January 18, 2022
Brookson One Suffers Ransomware Attack by ALPHV Group
Brookson One, a provider of specialist accountancy services for contractors, has been targeted by the ALPHV ransomware group. The attack was announced on the group's dark web leak site, and the victim's website is Brookson One. Operating in the Business Services sector, Brookson One has been offering accountancy services to contractors for over two decades.
Company Size and Unique Features
Brookson One has assisted more than 90,000 contractors and freelancers in managing their businesses, providing all-inclusive services that ensure compliance with regulations and offer peace of mind for clients. The company's distinctive offerings include an all-inclusive service model, a variety of optional support and advice services, and a comprehensive accountancy portal named Brookson Connect, which enables users to manage their accounts remotely.
Vulnerabilities and Targeting
The ALPHV ransomware group, known for its prolific attacks, targets a wide range of victims including government facilities, emergency services, defense industrial base companies, critical manufacturing, healthcare and public health facilities, and other corporations. Utilizing a ransomware-as-a-service model, the group's developers create and update the ransomware, while affiliates focus on identifying and attacking high-value victim institutions.
Previous Cyber Attacks
Brookson One has previously been the target of cyber attacks, with contractors experiencing delayed wage payments and disrupted communications. Similarly, Parasol, another umbrella company, faced a suspected ransomware attack, impacting both firms' ability to pay their contractors.
Mitigation and Response
The Justice Department has taken steps to disrupt the ALPHV/Blackcat ransomware variant, aiding victims in recovering from the attacks and strengthening their digital defenses. Victims of Blackcat ransomware are advised to seek assistance from their local FBI field office.
The attack on Brookson One by the ALPHV ransomware group underscores the continuous evolution of cyber threats and emphasizes the importance for organizations to stay vigilant and proactive in safeguarding their systems. Despite Brookson One's comprehensive services and dedication to compliance, these characteristics may have rendered it susceptible to ransomware attacks.
Sources
- Brookson One Website: https://www.brooksonone.co.uk/
- Justice Department Disrupts Prolific ALPHV/Blackcat Ransomware Variant: https://www.justice.gov/opa/pr/justice-department-disrupts-prolific-alphvblackcat-ransomware-variant
- Brookson and Parasol cyber attacks: Contractor complaints about delayed payments continue: https://www.computerweekly.com/news/252512871/Brookson-and-Parasol-cyber-attacks-Contractor-complaints-about-delayed-payments-continue
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.