blackbasta attacks The UNITED GRINDING

Incident Date:

October 6, 2022

World map



blackbasta attacks The UNITED GRINDING






Miamisburg, USA

Odaho, USA

First Reported

October 6, 2022

UNITED GRINDING Group Suffers Ransomware Attack

The UNITED GRINDING Group, a leading supplier of precision grinding machines, has been targeted by the ransomware group BlackBasta. The attack was announced on the group's dark web leak site, and the victim's website is currently under scrutiny. The company operates in the manufacturing sector and has a strong presence in various industries, including automotive, tool, and medical technology.

Company Profile

The UNITED GRINDING Group is a global organization with eight strong corporate brands (MÄGERLE, BLOHM, JUNG, STUDER, SCHAUDT, MIKROSA, WALTER, EWAG) and more than 20 branches worldwide. They provide innovative technologies and solutions for diverse industries, such as automotive, tool, and medical technology.

Vulnerabilities and Impact

Ransomware attacks often start with unpatched vulnerabilities, which can be exploited by threat actors to gain access to a victim's corporate environment, devices, and data. According to a report by Sophos, 32% of ransomware attacks in the past year started with an exploited vulnerability, with the highest proportion of attacks occurring in the energy, oil/gas, and utilities sectors.

The impact of ransomware attacks can be severe, with organizations reporting more severe outcomes when the attack starts with an exploited vulnerability. These outcomes include a higher propensity to have backups compromised, data encrypted, and ransom payments made, as well as higher overall attack recovery costs and longer recovery times.

Mitigation Strategies

To mitigate the risk of ransomware attacks, organizations should prioritize patching newly disclosed vulnerabilities, understand the adversary's tactics, techniques, and procedures, and develop robust backup and restoration processes.

The UNITED GRINDING Group's ransomware attack by BlackBasta highlights the importance of maintaining a secure corporate environment and addressing vulnerabilities promptly. As the manufacturing sector continues to be a target for cybercriminals, it is crucial for organizations to stay vigilant and implement robust security measures to protect their data and operations.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.