lockbit2 attacks Simatelex Mfy Co Ltd
Incident Date:
March 3, 2022
Overview
Title
lockbit2 attacks Simatelex Mfy Co Ltd
Victim
Simatelex Mfy Co Ltd
Attacker
Lockbit2
Location
First Reported
March 3, 2022
Simatelex Mfy Co Ltd Suffers Ransomware Attack
Simatelex Mfy Co Ltd, a prominent OEM manufacturer known for producing electrical household appliances for global brands, has recently fallen victim to a ransomware attack orchestrated by the Lockbit2 group. The incident was disclosed on the group's dark web leak site, emphasizing the vulnerability of Simatelex's extensive operations. The company, which boasts three production facilities in China and one in Batam, Indonesia, covers over 4 million square feet and employs around 20,000 individuals.
The significant scale and international reach of Simatelex render it an attractive target for cybercriminals. Potential security weaknesses such as outdated software, unpatched systems, and a lack of comprehensive cybersecurity awareness among employees could have left the company susceptible to this ransomware attack. Such incidents not only encrypt data but also demand a ransom for its release, posing a severe threat to the affected organization's operations and reputation.
This attack on Simatelex underscores a growing trend where cybercriminals target smaller entities within the supply chain. As larger corporations enhance their cybersecurity postures, attackers move to exploit more vulnerable links. This shift accentuates the critical need for robust cybersecurity practices across the supply chain, urging companies to adopt comprehensive security measures to safeguard their operations and those of their partners.
Sources
- Simatelex Mfy Co Ltd: About Simatelex
- Malwarebytes: Chip company loses $250m after ransomware hits supply chain
- ZDNet: This company was hit by ransomware. Here's what they did next, and why they didn't pay up
- The Record: Semiconductor industry giant says ransomware attack on supplier will cost it $250 million
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.