bianlian attacks Conway Electrics

Incident Date:

July 16, 2022

World map



bianlian attacks Conway Electrics


Conway Electrics




Heatherton, Australia

Heatherton, Australia

First Reported

July 16, 2022

Conway Electrics Suffers Ransomware Attack

Conway Electrics Pty Ltd, an electrical contracting company with a focus on commercial, industrial, and domestic installations, as well as maintenance and cbus systems, has recently fallen victim to a ransomware attack orchestrated by the Bianlian group. This incident was disclosed on the group's dark web leak site, highlighting the ongoing vulnerability of companies within the construction sector to cybercriminal activities.

The construction industry has experienced a notable uptick in ransomware incidents over the past few years. Specifically, in 2022, there was a significant rise in ransomware attacks targeting industrial control systems (ICS), with 247 incidents reported in North America alone. Given its operational scope, Conway Electrics represents a prime target for threat actors, especially those leveraging ransomware-as-a-service (RaaS) models to execute their attacks.

While the company's public-facing website offers limited insight into its operational size or specific vulnerabilities, the 2022 ICS in Review report by Dragos sheds light on common sector-wide challenges. These include limited network visibility and the problematic practice of sharing access and credentials between IT and operational technology (OT) teams. Such practices can inadvertently facilitate ransomware attacks by providing cybercriminals with easier access to critical systems.

The attack on Conway Electrics underscores a growing trend of ransomware campaigns against industrial entities. This surge is influenced by various factors, including geopolitical tensions, the emergence of tools like Lockbit Builder, and the proliferation of RaaS. In response, Conway Electrics, along with similar organizations, must prioritize enhancing their network visibility and strengthening their security perimeters to mitigate the risk of future incidents.


  • Conway Electrics Pty Ltd. (n.d.).
  • (2018, September 25). Ransomware Attacks Conway, Companies out Thousands.
  • KTVE. (2018, September 26). Ransomware attacks in Conway, AR leaves companies out thousands of dollars.
  • YouTube. (2018, September 25). Ransomware Attacks Conway, Companies out Thousands.
  • Dragos. (2023, February 14). ICS 2022 in Review: The Rise of PIPEDREAM and Ransomware Attacks.

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.