blackbasta attacks Elbit Systems
Incident Date:
June 26, 2022
Overview
Title
blackbasta attacks Elbit Systems
Victim
Elbit Systems
Attacker
Blackbasta
Location
First Reported
June 26, 2022
Elbit Systems of America Suffers Ransomware Attack by Black Basta
Elbit Systems of America, a subsidiary of the Israeli defense organization Elbit Systems, has suffered a ransomware attack by the Black Basta group. The attack occurred on June 8, 2022, and was discovered by the company on the same day. The breach impacted 369 employees, exposing their personal information, including full names, addresses, Social Security numbers, ethnicities, and birthdays.
Elbit Systems of America is a U.S.-based company that provides technology-based systems for defense, commercial aviation, homeland security, medical instrumentation, and law enforcement. The company has a significant presence in the manufacturing sector, which makes it a valuable target for threat actors seeking to exploit vulnerabilities in the supply chain.
The Black Basta ransomware gang, which has been active since April 2022, claimed responsibility for the attack and added the company's name and information to their leak site. The group uses a double-extortion attack method, encrypting files and threatening to publish stolen data if the ransom is not paid within a specified timeframe.
The breach highlights the need for cybersecurity risk prevention measures, particularly in the aerospace and defense industry, where a single attack can have significant consequences for national security and critical infrastructure. As the threat landscape continues to evolve, organizations must adapt their cybersecurity strategies to protect against emerging threats and vulnerabilities.
Sources
- Recent Ransomware Attack on U.S. Aerospace & Defense Firm Highlights Need for Cyber Risk Prevention - Craft.co
- Elbit Systems of America Alerts Employees of Ransomware Attack - IDStrong
- Defense firm Elbit Systems of America discloses data breach - Security Affairs
- US arm of Israeli defense giant Elbit Systems says it was hacked - TechCrunch
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.