lorenz attacks Brunk Industries

Incident Date:

May 16, 2022

World map



lorenz attacks Brunk Industries


Brunk Industries




Lake Geneva, USA

Wisconsin, USA

First Reported

May 16, 2022

Brunk Industries Suffers Ransomware Attack by Lorenz Group

Brunk Industries, a world-class precision manufacturing company, has been targeted by the ransomware group Lorenz, as reported on the dark web leak site of the attackers. The company, which operates in the manufacturing sector, has been hit by a ransomware attack that has disrupted its operations.

Company Overview

Brunk Industries, founded in 1960, is a leading manufacturer of micro-precision component stampings, assemblies, and class-critical devices. The company is known for its expertise in fabricating all grades of stainless steel and exotic metals, including tantalum, MP35N, niobium, kovar, titanium, and many others. Brunk Industries also offers full service component assembly, EDM, and laser processing.

Vulnerabilities and Impact

The attack by the Lorenz group highlights the vulnerabilities of industrial organizations to ransomware attacks, particularly those that have accelerated their digitization efforts. The manufacturing sector has been the most targeted by such attacks, with 70% of industrial ransomware attacks occurring in this industry. The impact of such attacks can be significant, disrupting operations and potentially leading to financial losses for the affected companies.

Lorenz Ransomware

Lorenz is a ransomware group that has been identified as having design and implementation flaws, making decryption of affected files difficult for victims. The group has been known to provide free decryption tools for some versions of their malware, but their operators have not been able to provide tools to decrypt affected files.

The attack on Brunk Industries by the Lorenz group underscores the need for industrial organizations to invest in robust cybersecurity measures to protect against ransomware attacks. As the manufacturing sector continues to digitize, the risk of such attacks is likely to increase, highlighting the importance of proactive cybersecurity strategies.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.