Novelty, a Leading Event Technology Company, Suffers a Ransomware Attack

Overview of the Incident

Novelty, a leading company in the event technology sector with a notable presence in the Business Services industry, recently fell victim to a ransomware attack orchestrated by the group known as vicesociety. This incident was publicized through a dark web leak site. With a history spanning over four decades, Novelty has established itself as a key player in the event industry, providing a wide range of services including sound, lighting, video projection, and scenic structures.

The company boasts a significant operational footprint, with locations in major cities across Europe and the Middle East, including Paris, Toulouse, Bordeaux, Nantes, Lyon, Monaco, Brussels, London, and regions in the Middle East. In 2020, Novelty reported annual revenues of €72 million and invests approximately €5.5 million each year in its operations. The company employs 280 permanent staff and has the capacity to hire up to 750 intermittent staff members monthly.

Analysis of Vulnerability

The susceptibility of Novelty to ransomware attacks can be attributed to the expansive scale and complexity of its operations. Managing a vast network of agencies along with a large workforce, comprising both permanent and temporary employees, presents multiple potential vulnerabilities for cybercriminals to exploit. Furthermore, the company's global presence increases its exposure to a diverse array of cybersecurity threats prevalent in different regions.

As of now, the ransomware group vicesociety has not disclosed the specific ransomware variant utilized in the attack. Nonetheless, the significant size of Novelty and its pivotal role in the events industry make it an attractive target for cybercriminals, given the sensitive information it handles and its substantial influence on the sector.

Recommended Cybersecurity Measures

In light of this attack, it is imperative for Novelty and similar entities within the event technology sector to prioritize the enhancement of their cybersecurity defenses. This entails the adoption of stringent security protocols, the continuous updating of software and hardware systems, and the provision of comprehensive cybersecurity training for all staff members.

Sources

• Novelty. (n.d.). Retrieved April 10, 2024, from https://www.novelty-group.com/
• PhishLabs. (2024, February 29). DarkLoader Leads Malware Attacks in Q4. Retrieved April 10, 2024, from https://www.phishlabs.com/blog/darkloader-leads-malware-attacks-q4