alphv attacks Trace Midstream

Incident Date: April 20, 2022

Overview

Title: alphv attacks Trace Midstream

Victim: Trace Midstream

Attacker: Alphv

Location: Houston, USA; Texas, USA

First Reported: April 20, 2022

Trace Midstream Ransomware Attack

Trace Midstream, a company operating in the Energy, Utilities & Waste sector, has been targeted by the ransomware group Alphv, which announced the attack on its dark web leak site. The victim's website is tracemidstream.com. Trace Midstream is a mid-sized company with a reported revenue of $5.9 million.

The company's website provides limited information about its operations and services, focusing on its commitment to safety, reliability, and sustainability. Trace Midstream's primary business involves the transportation, storage, and processing of natural gas liquids (NGLs) and crude oil.

The Energy, Utilities & Waste sector is a critical infrastructure sector that has been rapidly digitizing its operational value chains. This digitization has brought significant value through analysis, process optimization, and automation but has also broadened access to previously isolated Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) devices by users of the IT network and third parties with internet access.

Ransomware poses a significant threat to companies in this sector, as seen in the WannaCry and NotPetya attacks, which disrupted operations in the oil and gas industry. The past year has also seen the growth of crypto-mining malware targeting ICS computers, severely affecting productivity by increasing load on industrial systems.

Factors that could have left Trace Midstream exposed to threat actors include insufficient cybersecurity measures, lack of awareness about the threat environment, or inadequate preparation for the mounting threats. As awareness of the threat environment grows, top executives at companies like Trace Midstream are now sharpening their focus on cybersecurity, asking important questions about transforming their cybersecurity capabilities, investments, and governance models.

In response to the threat landscape, companies are rethinking their cybersecurity organizations and governance models, adopting a risk-based approach to security, and seeking appropriate controls based on their critical assets.

Sources

  • Trace Midstream. (n.d.). Home. Retrieved April 10, 2024, from https://tracemidstream.com/
  • RansomLook. (n.d.). alphv details. Retrieved April 10, 2024, from https://www.ransomlook.io/group/Alphv
  • McKinsey & Company. (2019, April 11). Critical infrastructure companies and the global cybersecurity threat. Retrieved April 10, 2024, from https://www.mckinsey.com/capabilities/risk-and-resilience/our-insights/critical-infrastructure-companies-and-the-global-cybersecurity-threat

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous and the most financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.