Ransomware Hits RDC Control Ltd Exposing Industrial Cyber Risks

Incident Date:

October 18, 2024

World map

Overview

Title

Ransomware Hits RDC Control Ltd Exposing Industrial Cyber Risks

Victim

RDC Control Ltd

Attacker

Cicada 3301

Location

Blainville, Canada

, Canada

First Reported

October 18, 2024

Ransomware Attack on RDC Control Ltd by Cicada 3301

RDC Control Ltd, a prominent North American manufacturer specializing in industrial products, has become the latest victim of a ransomware attack by the notorious group Cicada 3301. This incident highlights the growing threat of cyberattacks on industrial manufacturers, particularly those with valuable operational and proprietary data.

About RDC Control Ltd

Established in 1975 by Raymond D. Codey, RDC Control Ltd is renowned for its high-quality industrial products, including pneumatic and hydraulic cylinders, valve actuators, and thermocouples. The company, headquartered in Blainville, Quebec, Canada, employs between 51 to 200 individuals and reports an estimated annual revenue of approximately $41 million. RDC Control's commitment to quality is evident through its ISO 9001 certification and continuous investment in advanced manufacturing technologies. The company's focus on custom solutions and personalized service has earned it a reputation for reliability and precision in demanding industrial applications.

Details of the Attack

The ransomware group Cicada 3301 has claimed responsibility for the attack on RDC Control Ltd, threatening to release exfiltrated data if the company does not respond promptly. The attackers have provided proof of the stolen data, increasing the pressure on RDC Control to address the breach swiftly. This attack underscores the vulnerabilities faced by industrial manufacturers, particularly those with sensitive data and potentially weaker cybersecurity defenses.

About Cicada 3301

Cicada 3301 is a newly emerged Ransomware-as-a-Service (RaaS) and data broker group that first gained attention in mid-2024. Unlike traditional ransomware groups, Cicada 3301 focuses on exfiltrating and selling sensitive data rather than seeking quick ransom payments. The group employs a double-extortion model, threatening to release stolen data if demands are not met. Their sophisticated tactics include using phishing campaigns, brute-forcing VPN credentials, and exploiting vulnerabilities in network appliances to gain initial access.

Potential Vulnerabilities

RDC Control Ltd's reliance on advanced manufacturing technologies and its extensive data repositories make it an attractive target for cybercriminals like Cicada 3301. The company's use of VPN appliances and potential vulnerabilities in its cybersecurity infrastructure may have facilitated the attack. This incident serves as a stark reminder of the importance of comprehensive cybersecurity measures, particularly for companies in the industrial sector.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.