Ransomware Attack on Wisconsin Industrial Coatings

Overview

Wisconsin Industrial Coatings, a company based in the USA, was targeted in a cyberattack by the LockBit 3.0 cybercrime group. The attackers used ransomware to encrypt the company's data, making it inaccessible unless a ransom is paid. It is likely that the victim's website was compromised or used in the attack.

Victim Profile

Wisconsin Industrial Coatings, a company based in Kaukauna, Wisconsin, specializes in industrial coating and sandblasting services. They cater to various industries such as petrochemical, construction, pulp and paper, marine, nuclear, mining, power generation, and water treatment. The company has 32 employees and a revenue of $8.4 million.

Company Standout

The company stands out in the industry by emphasizing the importance of seeking, training, and retaining the best employees, including having NACE Coating Inspectors on staff. They offer in-shop surface preparation and coating applications to the industrial and commercial markets of Wisconsin with field services available nationwide.

Vulnerabilities

Being targeted by threat actors, Wisconsin Industrial Coatings may have vulnerabilities in their cybersecurity defenses that allowed the LockBit 3.0 ransomware group to penetrate their systems. The company's website could have been compromised or used as an entry point for the attack.

Ransomware Group Details

The LockBit 3.0 ransomware group is known for its advanced capabilities and evasive techniques. They encrypt files, modify filenames, change desktop wallpapers, and drop ransom notes on victims' desktops. LockBit 3.0 is heavily obfuscated and protected against analysis, making it challenging for security researchers to study. The group operates under a Ransomware-as-a-Service (RaaS) model, allowing other cybercriminals to use their malware for attacks.

Sources

• ZoomInfo - Wisconsin Industrial Coatings
• D&B - Wisconsin Industrial Coatings
• VMware - LockBit 3.0
• SentinelOne - LockBit 3.0