ThyssenKrupp sample database for sale on data leak website
Posted on
October 19, 2020
6:19 pm
Summary
CloudSEK Threat Intelligence detects a sample database of the Engineering and Technology giant ThyssenKrupp that contains 30MB data for sale.
In August 2020, Mount Locker ransomware gang targeted Engineering and Technology giant ThyssenKrupp in what appears to be a data breach. ThyssenKrupp is a German multinational conglomerate and with 670 subsidiaries worldwide it is one of the world’s largest steel producers. The company is based in Duisburg and Essen. One of their subsidiaries ThyssenKrupp Marine Systems manufactures frigates, corvettes and submarines for the German and foreign navies. And in a recent cyberattack targeting the group, Mount Locker ransomware operators advertise what seems to be 30 MB of data related to ThyssenKrupp System Engineering group.Mount Locker operators, who refer to their victims as clients, maintain a site in the dark web to display leaked data if the victim refuses to pay the demanded ransom. To authenticate the threat, they have posted part of ThyssenKrupp’s data publicly on their data leak website. The data is apparently being sold for 35 BTC.Source: Mount Locker PR siteSample company data available for download
Business Impact of Ransomware
Loss/ unavailability of critical data and other crucial information
Business downtime resulting in monetary loss
Business disruption after the attack
Loss of reputation and goodwill for the victim organization
Client lawsuits and compliance fines
Damage to hostage systems, data, and files
Mitigation
Defense in depth implementation
Strong network perimeter defense
Vulnerability and patch management
Impart security training to employees addressing dangers of social engineering
Practicing cyber hygiene
Periodic Vulnerability Assessment and Penetration Testing
Purple Teaming for organizations with mature cyber security programmes
