Analysis of the DragonForce Ransomware Attack on Swansea.com Ltd

Attack Overview

A UK-based advertising agency, Swansea.com Ltd, found itself at the center of a ransomware attack conducted by the cybercrime group DragonForce. This breach led to the extraction of approximately 5.17 GB of data, the details of which remain undisclosed.

Company Profile

Swansea.com Ltd, initially known as COMSWAN LIMITED, was incorporated on March 31, 2016. The company is classified under the SIC code 73110, indicating its operation within the advertising agencies sector. Swansea.com Ltd describes itself as an investment company with diverse interests in hospitality, real estate, and sports sectors, employing over 100 people across South Wales. The company's registered office is located in Swansea, West Glamorgan, and it currently has 4 active directors. The financial profile and the operational details of the company suggest a modest scale of operation with significant local influence.

Vulnerabilities and Target Profile

The choice of Swansea.com Ltd as a target by DragonForce could be attributed to several factors. The company's diverse involvement in sectors like real estate and hospitality might suggest valuable data holdings, including personal and financial information. Moreover, the small size of the company might imply limited cybersecurity resources against malicious threat actors. The impact of the attack on Swansea.com Ltd extends beyond immediate financial loss, potentially affecting its reputation and operational capabilities, especially given its stated role in significant sectors within South Wales.

Sources

• Swansea.com - Home Page
• Endole Suite - Swansea.com Ltd Company Profile
• Companies House - Swansea.com Ltd
• Swansea.com - About Us