DragonForce Strikes: Ransomware Attack on Västblekinge Miljö Aktiebolag
Incident Date:
April 21, 2024
Overview
Title
DragonForce Strikes: Ransomware Attack on Västblekinge Miljö Aktiebolag
Victim
Västblekinge Miljö Aktiebolag
Attacker
Dragonforce
Location
First Reported
April 21, 2024
Ransomware Attack on Västblekinge Miljö Aktiebolag by DragonForce
Overview of the Attack
Västblekinge Miljö Aktiebolag (VMAB), a Swedish municipal waste management company, recently fell victim to a ransomware attack orchestrated by the group known as DragonForce. The attack compromised the company's website resulting in the theft of approximately 10.24 GB of data.
Company Profile
A key player in the waste management sector in Sweden, VMAB, owned by the municipalities of Karlshamn, Sölvesborg, and Olofström. The company is responsible for planning, receiving, sorting, and increasing recycling efforts, and it operates a biogas facility. The company employs between 11-50 individuals and is in the process of constructing a dry digestion facility capable of processing 15,000 tons of waste annually. This facility will handle a mix of sorted household and garden waste.
Industry Standout
The company is distinguished by its municipal ownership and its commitment to sustainable waste management practices. The company's efforts in operating recycling centers and developing a biogas facility highlight its role in promoting environmental sustainability within the region. Additionally, VMAB's initiative to build a new dry digestion facility underscores its forward-thinking approach to waste management technology.
Potential Vulnerabilities
The nature of their operations involves handling significant amounts of sensitive data related to municipal waste management, making it a potential target for cyberattacks. The company's size and the critical nature of its services may also contribute to its attractiveness as a target, as disruption in its operations could have wide-reaching effects on community health and sanitation.
Sources:
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.