hiveleak attacks Creative Liquid Coatings INC

Incident Date:

January 25, 2022

World map

Overview

Title

hiveleak attacks Creative Liquid Coatings INC

Victim

Creative Liquid Coatings INC

Attacker

Hiveleak

Location

Kendallville, USA

Illinois, USA

First Reported

January 25, 2022

Creative Liquid Coatings Inc. Suffers Ransomware Attack

Overview of the Incident

Creative Liquid Coatings Inc. (CLC), a prominent provider in the realms of injection molding, painting and finishing, chrome plating, and assembly services, has recently fallen victim to a ransomware attack orchestrated by the group known as HiveLeak. This incident was disclosed on a dark web leak site, highlighting the ongoing cybersecurity threats faced by the manufacturing sector.

Company Profile

CLC is renowned for its comprehensive handling of performance materials, ranging from commodity grades to engineered thermoplastic resins. The company's state-of-the-art 316,000 sq. ft. facility boasts two automated paint finishing lines equipped with 24 Fanuc paint robots, ensuring exceptional finish quality and industry-leading color match capabilities. Additionally, CLC's chrome plating services complement its injection molding and painting operations, further solidifying its market position.

In a strategic move to bolster its offerings, CLC acquired CK Technologies (CKT), a key supplier of large injection molded plastic parts and panels for the commercial truck and bus sectors. CKT's integration into CLC's operations brought 16 injection molding presses, automated paint finishing lines, and advanced assembly capabilities under the CLC umbrella.

Challenges and Vulnerabilities

Despite its strategic acquisitions and operational expansions, CLC has encountered significant challenges, including the rising costs of inflation and labor shortages. These factors have notably affected CKT's operational continuity and potentially exposed the company to increased cybersecurity risks. While the specific vulnerabilities exploited in the ransomware attack have not been disclosed, it is widely acknowledged that such incidents often leverage gaps in cybersecurity defenses, such as unpatched software or outdated systems.

Attack Details

The ransomware group HiveLeak has taken credit for the attack on CLC. However, the particulars of the ransomware variant employed and the full scope of the impact remain undisclosed. This lack of detailed information underscores the opaque nature of ransomware attacks and the challenges in assessing their full ramifications.

Sources

  • Creative Liquid Coatings acquires CK Technologies - Aftermarket International. URL not provided.
  • Shaun van Niekerk, CISSP on LinkedIn. URL not provided.

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.