Conway Electrics Suffers Ransomware Attack

Conway Electrics Pty Ltd, an electrical contracting company with a focus on commercial, industrial, and domestic installations, as well as maintenance and cbus systems, has recently fallen victim to a ransomware attack orchestrated by the Bianlian group. This incident was disclosed on the group's dark web leak site, highlighting the ongoing vulnerability of companies within the construction sector to cybercriminal activities.

The construction industry has experienced a notable uptick in ransomware incidents over the past few years. Specifically, in 2022, there was a significant rise in ransomware attacks targeting industrial control systems (ICS), with 247 incidents reported in North America alone. Given its operational scope, Conway Electrics represents a prime target for threat actors, especially those leveraging ransomware-as-a-service (RaaS) models to execute their attacks.

While the company's public-facing website offers limited insight into its operational size or specific vulnerabilities, the 2022 ICS in Review report by Dragos sheds light on common sector-wide challenges. These include limited network visibility and the problematic practice of sharing access and credentials between IT and operational technology (OT) teams. Such practices can inadvertently facilitate ransomware attacks by providing cybercriminals with easier access to critical systems.

The attack on Conway Electrics underscores a growing trend of ransomware campaigns against industrial entities. This surge is influenced by various factors, including geopolitical tensions, the emergence of tools like Lockbit Builder, and the proliferation of RaaS. In response, Conway Electrics, along with similar organizations, must prioritize enhancing their network visibility and strengthening their security perimeters to mitigate the risk of future incidents.

Sources

• Conway Electrics Pty Ltd. (n.d.).
• DataBreaches.net. (2018, September 25). Ransomware Attacks Conway, Companies out Thousands.
• KTVE. (2018, September 26). Ransomware attacks in Conway, AR leaves companies out thousands of dollars.
• YouTube. (2018, September 25). Ransomware Attacks Conway, Companies out Thousands.
• Dragos. (2023, February 14). ICS 2022 in Review: The Rise of PIPEDREAM and Ransomware Attacks.