BlackBasta Ransomware Strikes SSI Shredding Systems, Inc.

Incident Date:

June 6, 2024

World map

Overview

Title

BlackBasta Ransomware Strikes SSI Shredding Systems, Inc.

Victim

SSI Shredding Systems, Inc.

Attacker

Blackbasta

Location

Wilsonville, USA

Oregon, USA

First Reported

June 6, 2024

BlackBasta Ransomware Attack on SSI Shredding Systems, Inc.

Overview of SSI Shredding Systems, Inc.

SSI Shredding Systems, Inc., headquartered in Wilsonville, Oregon, is a leading designer and manufacturer of industrial shredders and size reduction systems. With over 40 years of experience, the company provides solutions for various industries, including municipal, government, hazardous waste cleanup sites, and medical waste. The company operates a 100,000 square foot manufacturing site and is known for its innovative, low-speed, high-torque shredders.

Details of the Ransomware Attack

On June 7, 2024, the ransomware group BlackBasta executed a significant attack on SSI Shredding Systems, Inc., compromising 300GB of data. The attack targeted the company's domain leading to a substantial data breach. The specifics of the compromised data have not been disclosed, but the breach underscores the vulnerabilities that even well-established companies face.

About BlackBasta Ransomware Group

BlackBasta is a notorious ransomware operator that emerged in early 2022. The group is known for its double extortion tactics, encrypting critical data and threatening to publish it if the ransom is not paid. BlackBasta targets organizations in highly focused attacks, often using spear-phishing, insider information, and buying network access to infiltrate systems. The group has been linked to over 500 attacks globally, making significant financial gains.

Penetration and Impact

BlackBasta likely penetrated SSI Shredding Systems' network through sophisticated methods such as spear-phishing or exploiting vulnerabilities within the company's IT infrastructure. Once inside, the group used tools like QakBot and Mimikatz for lateral movement and credential harvesting. The attack on SSI Shredding Systems highlights the critical need for robust cybersecurity measures, especially for companies handling sensitive and industrial data.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.