J&J Network Engineering Hit by DragonForce Ransomware, 115GB Data Leaked
Incident Date:
August 18, 2024
Overview
Title
J&J Network Engineering Hit by DragonForce Ransomware, 115GB Data Leaked
Victim
J&J Network Engineering
Attacker
Dragonforce
Location
First Reported
August 18, 2024
DragonForce Ransomware Group Targets J&J Network Engineering in Major Data Breach
J&J Network Engineering Co., Ltd, a prominent player in the building construction industry based in Hong Kong, has recently fallen victim to a ransomware attack orchestrated by the DragonForce group. The attack, discovered on August 19, resulted in a significant data leak of 115.67GB, severely impacting the company's operations and client data security.
About J&J Network Engineering
J&J Network Engineering specializes in providing comprehensive engineering solutions, focusing on the design, installation, and maintenance of various network systems. Established in 2004, the company has built a reputation for its expertise in Building Management Systems (BMS), Life Science Clean Room Controls, Staircase Pressurization & Smoke Extraction Systems, Public Transport Interchanges (PTI) Environment Control, and Air Quality Monitoring & Control. With a team of 11 to 50 employees, J&J Network Engineering is known for its customer-centric approach and quick response to client needs.
Attack Overview
The ransomware attack on J&J Network Engineering was claimed by DragonForce, a relatively new but aggressive ransomware group that emerged in late 2023. The group is known for its double extortion tactics, where they encrypt victims' data and exfiltrate sensitive information, threatening to release it publicly if the ransom is not paid. In this case, DragonForce leaked 115.67GB of data on their dark web leak site, significantly compromising J&J Network Engineering's operational integrity and client confidentiality.
DragonForce Ransomware Group
DragonForce has quickly gained notoriety for its sophisticated attack methods and high-profile targets. The group uses a ransomware code based on a leaked builder from the infamous LockBit ransomware group, allowing them to rapidly develop and deploy their malware. DragonForce has targeted various industries across the globe, including the US, UK, Australia, Singapore, and other countries. Their victims include notable entities such as the Ohio Lottery, Yakult Australia, and Coca-Cola Singapore.
Vulnerabilities and Penetration
J&J Network Engineering's reliance on cutting-edge technology from top-tier equipment manufacturers makes them a lucrative target for ransomware groups like DragonForce. The company's extensive portfolio and involvement in complex infrastructure projects mean that any disruption can have far-reaching consequences. While the exact method of penetration remains unclear, it is likely that DragonForce exploited vulnerabilities in the company's network systems or leveraged social engineering tactics to gain access.
Sources
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.