lockbit2 attacks Hany AG
Incident Date:
March 2, 2022
Overview
Title
lockbit2 attacks Hany AG
Victim
Hany AG
Attacker
Lockbit2
Location
First Reported
March 2, 2022
Hany AG Suffers Ransomware Attack, Operates in Construction Sector
Company Overview
Hany AG is a Swiss company that provides solutions for rein- and abwasserbewirtschaftung (clean and wastewater management) on a communal and industrial level, as well as for haustechnik and gebäudetechnik (house technology and building technology). They produce mass-customized PE-products such as pumpenschächte and schlammsammler (pump shafts and sludge collectors) from a modern production facility. The company also offers injection systems for the strengthening and sealing of the ground, making it possible to build on difficult ground conditions.
Vulnerabilities and Targeting
Ransomware attackers often target organizations with poor credential hygiene and legacy configurations, which can allow them to gain access and steal valuable data. In the case of Hany AG, the specific vulnerabilities that led to the attack are not publicly disclosed. However, it is known that ransomware attackers can exploit unpatched software, outdated hardware, and weak security practices to gain entry and deploy their malware.
Industry Impact
The construction sector has seen an increase in ransomware attacks, with criminals targeting organizations for the shock value or type of data they can exfiltrate. These attacks can cause significant disruption to operations, leading to lost productivity, revenue, and potentially damaging the reputation of the targeted company.
Mitigation Strategies
To protect against ransomware attacks, organizations should implement best practices such as multifactor authentication, endpoint detection and response, encryption, and a skilled, empowered security team. Regularly testing incident response plans, backing up data, and patching systems promptly are also crucial in preventing successful attacks.
The ransomware attack on Hany AG serves as a reminder that no company is immune to these types of cyber threats. It is essential for organizations to prioritize cybersecurity and implement robust security measures to protect against ransomware and other cyber threats.
Sources
- Hany AG Website: https://www.haeny.com/
- AG Healey Urges Businesses and Government Agencies to Take Immediate Steps to Protect Operations from Ransomware Attacks: https://www.mass.gov/news/ag-healey-urges-businesses-and-government-agencies-to-take-immediate-steps-to-protect-operations-from-ransomware-attacks
- Ransomware as a Service: Understanding the Cybercrime Gig Economy and How to Protect Yourself: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
- NY AG issues $450k penalty to US Radiology after unpatched bug led to ransomware attack: https://therecord.media/new-york-attorney-general-fines-radiology-firm-after-ransomware-attack
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.