RansomHouse Extortion Threatens Czech Republic-Based STERCH-INTERNATIONAL
Incident Date:
April 24, 2024
Overview
Title
RansomHouse Extortion Threatens Czech Republic-Based STERCH-INTERNATIONAL
Victim
STERCH - INTERNATIONAL s.r.o.
Attacker
Ransomhouse
Location
First Reported
April 24, 2024
RansomHouse Targets STERCH-INTERNATIONAL in Cyber Extortion Scheme
Company Profile
STERCH-INTERNATIONAL s.r.o., a Czech Republic-based enterprise, specializes in the precision manufacturing of components for the aerospace, space, nuclear, and scientific industries. With a workforce fluctuating between 9 and 49 employees, the company is recognized for its commitment to high-quality standards and technological innovation. Despite its small size, the company plays a critical role in its niche, particularly in producing machined parts for aerospace engines and electric actuators for nuclear applications.
Details of the RansomHouse Attack
RansomHouse, a cybercriminal group known for its data theft and extortion tactics, has recently claimed responsibility for an attack on Sterch. The group, which emerged in late 2021, exploits security vulnerabilities to exfiltrate sensitive data, subsequently demanding ransom to prevent its public release. Unlike traditional ransomware attacks, RansomHouse does not encrypt the victim's data but threatens its exposure, leveraging the stolen information as a bargaining chip.
Vulnerabilities and Impact
The attack on the company highlights potential vulnerabilities within smaller enterprises that are integral to critical supply chains. The company's involvement in high-stakes industries such as aerospace and nuclear sectors makes it an attractive target for cybercriminals looking to exploit industrial secrets or disrupt essential services. The financial figures from 2023, showing a revenue drop and a decrease in net profit margin, suggest that the company might be experiencing challenges that could be exacerbated by such cybersecurity threats.
Sources
- EMIS - Company Profile: STERCH-INTERNATIONAL s.r.o.
- Apollo.io - STERCH-INTERNATIONAL s.r.o.
- STERCH-INTERNATIONAL Official Website
- ZoomInfo - STERCH-INTERNATIONAL s.r.o.
- LinkedIn - STERCH-INTERNATIONAL s.r.o.
- ThreatDown - Threat Profile: RansomHouse
- Cyberint - RansomHouse Research
- SciLabs Blog - Threat Profile: RansomHouse
- Thodex - RansomHouse
- BleepingComputer - New RansomHouse Group
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.