Ransomware Attack on Gebäude-Entkernungs-Technik GmbH

Gebäude-Entkernungs-Technik GmbH, a company specializing in building renovation and demolition, has been targeted by the ransomware group Lockbit2. The attack was announced on the group's dark web leak site, and the victim's website is https://www.get-entkernung.de/. The company operates in the Business Services sector, focusing on building renovation and demolition.

Company Overview

Gebäude-Entkernungs-Technik GmbH offers a range of services, including building renovation, industrial dismantling, static demolition, asbestos removal, and building demolition. The company's website highlights its expertise in creating space for new ideas by renovating buildings, often to the point of dismantling them entirely. The company's services are designed to meet the changing needs of buildings over time, ensuring that they can be repurposed or rebuilt as needed.

Vulnerabilities and Threats

Ransomware attacks typically exploit vulnerabilities in software, hardware, or network configurations. In the case of Gebäude-Entkernungs-Technik GmbH, the company's website does not provide detailed information about its IT infrastructure or cybersecurity measures. However, the company's reliance on digital systems for managing projects, customer information, and communication makes it a potential target for ransomware attacks.

The most common methods of ransomware attacks are phishing emails and brute force attacks against exposed Remote Desktop Protocol (RDP) services. These attacks can be particularly effective against companies that rely on remote access for their operations, as they may not have the same level of security controls in place as they would in a traditional office environment.

Mitigation Strategies

To mitigate the risk of ransomware attacks, companies should implement a multi-layered security strategy that includes:

• Defense-in-depth security: Deploying foundational cybersecurity tools and strategies such as antimalware, multifactor authentication, firewalls, email security filtering, web filtering, network traffic analysis, allowlisting/denylisting, endpoint detection and response, the principle of least privilege, and secure remote access technologies, including VPNs and zero-trust network access.
• Advanced security controls: Implementing advanced security controls that can recognize and catch known ransomware variants, as well as those that use new or unknown attack vectors.
• Regular updates and patches: Ensuring that all software and hardware are up-to-date with the latest security patches and updates to minimize vulnerabilities.
• Employee training: Educating employees about the risks of phishing emails and other social engineering attacks, as well as best practices for secure remote access and password management.

The ransomware attack on Gebäude-Entkernungs-Technik GmbH underscores the importance for companies in the Business Services sector to maintain a vigilant cybersecurity posture, especially in the context of remote access and digital systems. By adopting a comprehensive security strategy and fostering cybersecurity awareness among employees, businesses can significantly mitigate their risk of falling victim to cybercriminal attacks.

Sources

• Gebäude-Entkernungs-Technik GmbH. (n.d.). Entkernung. Retrieved from https://www.get-entkernung.de/
• Cloudian. (n.d.). Ransomware Data Recovery: How to Save Your Data. Retrieved from https://cloudian.com/guides/ransomware-backup/ransomware-data-recovery-5-ways-to-save-your-data/
• ZDNet. (2021, July 29). Ransomware: These are the two most common ways hackers get inside your network. Retrieved from https://www.zdnet.com/article/ransomware-these-are-the-two-most-common-ways-hackers-get-inside-your-network/
• TechTarget. (n.d.). What is Ransomware? How It Works and How to Remove It. Retrieved from https://www.techtarget.com/searchsecurity/definition/ransomware