lockbit2 attacks Hany AG

Incident Date:

March 2, 2022

World map

Overview

Title

lockbit2 attacks Hany AG

Victim

Hany AG

Attacker

Lockbit2

Location

Buechstrasse, Switzerland

Jona SG, Switzerland

First Reported

March 2, 2022

Hany AG Suffers Ransomware Attack, Operates in Construction Sector

Company Overview

Hany AG is a Swiss company that provides solutions for rein- and abwasserbewirtschaftung (clean and wastewater management) on a communal and industrial level, as well as for haustechnik and gebäudetechnik (house technology and building technology). They produce mass-customized PE-products such as pumpenschächte and schlammsammler (pump shafts and sludge collectors) from a modern production facility. The company also offers injection systems for the strengthening and sealing of the ground, making it possible to build on difficult ground conditions.

Vulnerabilities and Targeting

Ransomware attackers often target organizations with poor credential hygiene and legacy configurations, which can allow them to gain access and steal valuable data. In the case of Hany AG, the specific vulnerabilities that led to the attack are not publicly disclosed. However, it is known that ransomware attackers can exploit unpatched software, outdated hardware, and weak security practices to gain entry and deploy their malware.

Industry Impact

The construction sector has seen an increase in ransomware attacks, with criminals targeting organizations for the shock value or type of data they can exfiltrate. These attacks can cause significant disruption to operations, leading to lost productivity, revenue, and potentially damaging the reputation of the targeted company.

Mitigation Strategies

To protect against ransomware attacks, organizations should implement best practices such as multifactor authentication, endpoint detection and response, encryption, and a skilled, empowered security team. Regularly testing incident response plans, backing up data, and patching systems promptly are also crucial in preventing successful attacks.

The ransomware attack on Hany AG serves as a reminder that no company is immune to these types of cyber threats. It is essential for organizations to prioritize cybersecurity and implement robust security measures to protect against ransomware and other cyber threats.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.