blackbasta attacks JKLM
Incident Date:
July 6, 2022
Overview
Title
blackbasta attacks JKLM
Victim
JKLM
Attacker
Blackbasta
Location
First Reported
July 6, 2022
Ransomware Attack on JKLM Architects
Company Overview
JKLM Architects, a German architecture firm operating in the hospitality sector, has been targeted by the ransomware group BlackBasta. The attack was announced on the group's dark web leak site, and the victim's website is https://www.jklm-architekten.de/.
Industry Standout
JKLM Architects is a Freie Architekten PartGmbB, a type of partnership in Germany that allows for a more flexible business structure. The company is led by Jans Thomas, Ladel Frank, Munz Axel, and has a team of architects and designers. JKLM Architects specializes in the hospitality sector, which has been a popular target for ransomware attacks due to the potential for significant disruption and revenue loss. The industry's reliance on digital systems for booking, management, and customer data makes it vulnerable to cyberattacks.
Vulnerabilities
The hospitality sector has seen a renewed focus by hackers in recent years, with several high-profile attacks on major chains like MGM Resorts, Marriott International, and Hilton. These attacks have targeted a wide range of systems, from slot machines to restaurant management systems, and have often occurred during busy periods to maximize disruption.
To mitigate the risk of ransomware attacks, organizations should implement strong network segmentation and access controls, utilize preemptive protection solutions powered by threat intelligence, and train staff to identify and report phishing attempts. Additionally, having Data Loss Prevention (DLP) controls in place can help prevent data from being easily transferred to attackers.
Previous Attacks in the Hospitality Sector
In recent years, the hospitality sector has been hit by several high-profile ransomware attacks, including:
- MGM Resorts: A cyber attack in September 2023 impacted the company's systems, including online booking systems and slot machines at some of its Las Vegas properties.
- Marriott International: The hotel chain suffered a data breach in June 2022, exfiltrating 20 GB of data including confidential and proprietary information.
- Sabre: A ransomware gang claimed to have stolen 1.3TB of data from the travel booking company, including corporate financial information, passenger turnover, and ticket sales data.
- IHG Hotels: A cyber attack in September 2022 significantly disrupted the company's booking systems and other operations.
The ransomware attack on JKLM Architects is part of a larger trend of cyberattacks targeting the hospitality sector. To protect against such attacks, organizations should implement robust cybersecurity measures and stay informed about emerging threats.
Sources
- JKLM Architects - https://www.jklm-architekten.de/
- Motel One Ransomware Response - https://therecord.media/motel-one-ransomware-response-hotel-chain-europe
- Hospitality Hacks: The Biggest Cyber Attacks Against the Sector - https://www.linkedin.com/pulse/hospitality-hacks-biggest-cyber-attacks-against-sector
- Omni Hotels Says Widespread Outages Caused by Cyberattack - https://therecord.media/omni-hotels-cyberattack-disruptions-customers
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.