Ransomware Attack Hits H.L. Lawson & Sons, Data Security at Risk

Incident Date:

August 24, 2024

World map

Overview

Title

Ransomware Attack Hits H.L. Lawson & Sons, Data Security at Risk

Victim

HL Lawson & Sons

Attacker

Inc Ransom

Location

Roanoke, USA

Virginia, USA

First Reported

August 24, 2024

Ransomware Attack on H.L. Lawson & Sons by INC Ransom

H.L. Lawson & Sons, a prominent logistics and warehousing company based in Roanoke, Virginia, has recently fallen victim to a ransomware attack orchestrated by the notorious cybercriminal group INC Ransom. The attack was publicly claimed by the group on their dark web leak site, raising significant concerns about the security of the company's data and operations.

Company Profile

Founded in 1937 by Harry Leland Lawson, H.L. Lawson & Sons, also known as Lawson Companies, has established itself as a leader in the logistics and warehousing sector. The company operates a substantial infrastructure with up to one million square feet of storage space, specializing in general commodity storage and distribution. Their services include Just-In-Time (JIT) inventory programs, cross-docking, and load consolidations, with facilities strategically located for rail-side access.

Lawson Logistics, a division of H.L. Lawson & Sons, manages transportation across the Eastern United States, boasting a fleet of 34 power units equipped with satellite tracking for real-time delivery monitoring. The company employs between 11 to 50 individuals, indicating a small to medium-sized enterprise.

Attack Overview

INC Ransom claims to have infiltrated H.L. Lawson & Sons' systems, gaining access to their database. While the specific details of the compromised data have not been disclosed, the attack highlights the increasing threat of ransomware to businesses. The group's use of double extortion tactics, which involve both encrypting and stealing data, adds pressure on victims to comply with ransom demands.

About INC Ransom

INC Ransom is a sophisticated ransomware group known for targeting corporate and organizational networks. They employ advanced techniques such as spear-phishing and exploiting vulnerabilities like CVE-2023-3519 in Citrix NetScaler. The group has been active since 2023 and has targeted various industries, including healthcare, education, and technology. Their attacks often involve double extortion, threatening to release stolen data if ransom demands are not met.

Potential Vulnerabilities

H.L. Lawson & Sons' reliance on integrated logistics solutions and real-time tracking technology may have exposed them to vulnerabilities exploited by INC Ransom. The group's sophisticated methods, including the use of legitimate system tools for reconnaissance and lateral movement, could have facilitated the breach. This incident underscores the critical need for enhanced cybersecurity measures to protect against such advanced threats.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.