Sherwood Stainless & Aluminium Hit by DragonForce Ransomware Attack
Incident Date:
August 22, 2024
Overview
Title
Sherwood Stainless & Aluminium Hit by DragonForce Ransomware Attack
Victim
Sherwood Stainless & Aluminium
Attacker
Dragonforce
Location
First Reported
August 22, 2024
Ransomware Attack on Sherwood Stainless & Aluminium by DragonForce
Overview of Sherwood Stainless & Aluminium
Sherwood Stainless & Aluminium Limited, established in 1990, is a prominent UK-based supplier and fabricator specializing in stainless steel and aluminium products. Operating from a 115,000 square foot facility in Wolverhampton, the company is known for its advanced production and distribution capabilities. Sherwood holds ISO9001 and ISO14001 certifications, reflecting its commitment to high standards in quality management and environmental practices.
Core Offerings and Industry Applications
Sherwood's primary focus is on aluminium extrusion, providing bespoke profiles and components. The company also offers stainless steel and aluminium coils, cut blanks, and sheets, catering to industries such as automotive, construction, rail, lighting, and medical. Their technological capabilities include state-of-the-art CAD and 3D design, vertical machining centers, and automated saws, ensuring high-quality and efficient production.
Details of the Ransomware Attack
On a recent occasion, Sherwood Stainless & Aluminium fell victim to a ransomware attack orchestrated by the cybercriminal group DragonForce. The attackers compromised 6.79 GB of data from the company's systems, potentially impacting their operations and client information. The company's website, sherwoodaluminium.com, may also be affected as part of the breach.
About DragonForce Ransomware Group
DragonForce is a relatively new ransomware group that emerged in late 2023. They are known for using double extortion tactics, encrypting victims' data and exfiltrating sensitive information, which they threaten to release publicly if the ransom is not paid. DragonForce has claimed attacks against various industries across the US, UK, Australia, Singapore, and other countries. Their ransomware code is based on a leaked builder from the infamous LockBit ransomware group, suggesting they leveraged this code to quickly develop and deploy their own ransomware.
Potential Vulnerabilities and Penetration Methods
Sherwood Stainless & Aluminium's extensive technological infrastructure, while advanced, may have vulnerabilities that were exploited by DragonForce. The ransomware group could have penetrated the company's systems through phishing attacks, exploiting unpatched software vulnerabilities, or leveraging weak network security protocols. The attack underscores the importance of comprehensive cybersecurity measures, especially for companies with significant digital assets and sensitive client information.
Sources
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.