Ransomware Hits Lácteos Lorán by Sarcoma Group
Incident Date:
October 9, 2024
Overview
Title
Ransomware Hits Lácteos Lorán by Sarcoma Group
Victim
Lácteos Lorán
Attacker
Sarcoma
Location
First Reported
October 9, 2024
Ransomware Attack on Lácteos Lorán by Sarcoma Group
Lácteos Lorán, a prominent cheese manufacturer based in Gontán, Abadín, Lugo, has recently become a victim of a ransomware attack by the emerging cybercriminal group known as "Sarcoma." This incident highlights the increasing threat posed by ransomware groups targeting diverse industries worldwide.
Company Profile: Lácteos Lorán
Founded in 1973, Lácteos Lorán is a well-established company specializing in cheese production. The company processes approximately 45,000 liters of milk daily, showcasing significant growth from its humble beginnings. Known for its diverse range of cheese products, including Queso Lorán and San Simón, the company has carved a niche in the dairy industry by blending traditional cheese-making techniques with modern innovations. Lácteos Lorán employs between 20 to 49 people and generates an estimated revenue of 1 to 5 million euros annually. Their commitment to quality and safety, along with strong relationships with local milk suppliers, has been a cornerstone of their operations.
Attack Overview
The ransomware attack on Lácteos Lorán was orchestrated by Sarcoma, a newly identified group that has quickly gained notoriety for its aggressive tactics. The group has listed Lácteos Lorán among over 30 victims on its dark web portal, indicating a broadening scope of operations. The attack underscores the vulnerabilities faced by small to medium-sized enterprises in the manufacturing sector, which may lack the cybersecurity infrastructure needed to fend off sophisticated cyber threats.
Sarcoma Ransomware Group
Sarcoma has distinguished itself in the cyber threat landscape through its aggressive data exfiltration and double extortion strategies. The group not only encrypts files but also threatens to leak sensitive information publicly if ransom demands are not met. Sarcoma's operations have primarily targeted industries in the USA, Canada, Australia, and Spain, with a notable presence on the darknet where it lists its victims. The group's emergence in October 2024 has been marked by a series of high-profile attacks, emphasizing the need for heightened vigilance among potential targets.
Potential Vulnerabilities
Lácteos Lorán's vulnerabilities may stem from its size and the nature of its operations. As a small to medium-sized enterprise, the company might not have the extensive cybersecurity resources that larger corporations possess. Additionally, the integration of traditional practices with modern business operations could present security gaps that sophisticated threat actors like Sarcoma can exploit.
Sources
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.