DragonForce Strikes: Ransomware Attack on Västblekinge Miljö Aktiebolag

Incident Date:

April 21, 2024

World map

Overview

Title

DragonForce Strikes: Ransomware Attack on Västblekinge Miljö Aktiebolag

Victim

Västblekinge Miljö Aktiebolag

Attacker

Dragonforce

Location

Morrum, Sweden

, Sweden

First Reported

April 21, 2024

Ransomware Attack on Västblekinge Miljö Aktiebolag by DragonForce

Overview of the Attack

Västblekinge Miljö Aktiebolag (VMAB), a Swedish municipal waste management company, recently fell victim to a ransomware attack orchestrated by the group known as DragonForce. The attack compromised the company's website resulting in the theft of approximately 10.24 GB of data.

Company Profile

A key player in the waste management sector in Sweden, VMAB, owned by the municipalities of Karlshamn, Sölvesborg, and Olofström. The company is responsible for planning, receiving, sorting, and increasing recycling efforts, and it operates a biogas facility. The company employs between 11-50 individuals and is in the process of constructing a dry digestion facility capable of processing 15,000 tons of waste annually. This facility will handle a mix of sorted household and garden waste.

Industry Standout

The company is distinguished by its municipal ownership and its commitment to sustainable waste management practices. The company's efforts in operating recycling centers and developing a biogas facility highlight its role in promoting environmental sustainability within the region. Additionally, VMAB's initiative to build a new dry digestion facility underscores its forward-thinking approach to waste management technology.

Potential Vulnerabilities

The nature of their operations involves handling significant amounts of sensitive data related to municipal waste management, making it a potential target for cyberattacks. The company's size and the critical nature of its services may also contribute to its attractiveness as a target, as disruption in its operations could have wide-reaching effects on community health and sanitation.

Sources:

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.