Ransomware Hits Sumitomo Rubber South Africa by KillSec
Incident Date:
November 2, 2024
Overview
Title
Ransomware Hits Sumitomo Rubber South Africa by KillSec
Victim
Sumitomo
Attacker
Killsec
Location
First Reported
November 2, 2024
Ransomware Attack on Sumitomo Rubber South Africa by KillSec
Sumitomo Rubber South Africa (Pty) Ltd, a prominent player in the tyre manufacturing industry, has recently fallen victim to a ransomware attack claimed by the notorious group KillSec. This incident highlights the vulnerabilities faced by companies in the manufacturing sector, particularly those with significant market presence and extensive operations.
Company Overview
Sumitomo Rubber South Africa, commonly known as SRI Group, operates as a subsidiary of Sumitomo Rubber Industries, headquartered in Kobe, Japan. The company is a key contributor to the South African automotive sector, with its state-of-the-art manufacturing facility located in Ladysmith, KwaZulu-Natal. This facility is crucial for producing a range of tyres under brands such as Dunlop, Sumitomo, and Falken. The company employs approximately 1,200 personnel and has a significant market presence, with one in five vehicles on South African roads fitted with locally produced Dunlop tyres.
Attack Overview
The ransomware attack orchestrated by KillSec has resulted in the unauthorized access and potential exfiltration of sensitive data, including personally identifiable information and critical financial data. This breach underscores the persistent threat posed by ransomware groups targeting industrial and manufacturing sectors. The attack on Sumitomo Rubber South Africa is particularly concerning given the company's recent R1.7 billion investment aimed at enhancing its manufacturing capabilities and modernizing its operations.
About KillSec
KillSec, also known as Kill Security, is a ransomware group known for targeting various industries, including manufacturing, government, and finance. The group is distinguished by its use of multiple communication channels and crypto wallets, often demanding significant extortion amounts. KillSec has been active in several countries, including the United States, United Kingdom, and India, and is known for its sophisticated tactics in penetrating company systems.
Potential Vulnerabilities
Sumitomo Rubber South Africa's extensive operations and significant market presence make it an attractive target for ransomware groups like KillSec. The company's reliance on digital infrastructure for manufacturing and distribution may have exposed vulnerabilities that were exploited during the attack. The incident serves as a stark reminder of the importance of cybersecurity measures, particularly for companies in the manufacturing sector.
Sources
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.