RansomHub Targets Hudson Civil Engineering in Ransomware Attack

Hudson Civil Engineering, a key player in Tasmania's civil construction and supply industry, has been targeted by the ransomware group RansomHub. The attack, announced on August 7, 2024, involves the exfiltration of 112 gigabytes of data, with a threat to release the stolen information on RansomHub's darknet leak site within a week.

About Hudson Civil Engineering

Hudson Civil Engineering, officially registered as Hudson Civil Pty Ltd, is a prominent manufacturer and supplier of infrastructure products in Tasmania, Australia. The company specializes in civil and commercial plumbing supplies, precast concrete products, and innovative infrastructure solutions. With over 40 years of industry experience, Hudson Civil Engineering operates from offices in Launceston, Hobart, and Devonport, employing a skilled workforce dedicated to delivering high-quality products and services.

What Makes Hudson Civil Engineering Stand Out

Hudson Civil Engineering is renowned for its comprehensive range of products and services, including the innovative MassBloc® system, a modular retaining wall solution favored for its ease of installation and versatility. The company's commitment to quality and innovation, coupled with a knowledgeable team, positions it as a vital partner for various construction projects across Tasmania.

Attack Overview

RansomHub claims to have exfiltrated 112 gigabytes of data from Hudson Civil Engineering, with a deadline of just over three days before the potential data release. The ransomware group has provided minimal details about the breach, only referencing a brief description of the company's business from its website. Hudson Civil Engineering has not yet commented on the incident.

About RansomHub

RansomHub is a ransomware-as-a-service (RaaS) group that has been active since February 2022. The group operates with affiliates receiving 90% of the ransom money, while the main group retains 10%. RansomHub's ransomware strains are written in Golang, a relatively new trend in the ransomware world. The group has targeted nearly 90 victims to date, including healthcare institutions and companies across various countries.

Potential Vulnerabilities

Hudson Civil Engineering's significant role in Tasmania's infrastructure sector makes it an attractive target for ransomware groups like RansomHub. The company's extensive data and operational dependencies on digital systems may have presented vulnerabilities that the attackers exploited. The specifics of how RansomHub penetrated Hudson Civil Engineering's systems remain unclear, but the incident underscores the importance of vigilant cybersecurity measures.

Sources

• Hudson Civil Products
• Dark Web Profile: RansomHub