The German concern Rheinmetall confirmed the cyber attack of the Black Basta group on its systems
More than a month after the attack, the details of the hack and its impact on arms supplies became known.
The German manufacturer of military equipment, weapons and components for vehicles Rheinmetall confirmed that for cyberattack on company systems in April stands a group of extortionists Black Basta.
A company representative said that Rheinmetall continues to work to eliminate the consequences of the attack. According to a Rheinmetall spokesman, the cyber incident only affected the company’s civilian business, which uses a “strictly separated IT infrastructure.”
The company is also a key supplier of guns for the Leopard tank. Rheinmetall reported the incident to the relevant authorities and filed a complaint with the Cologne prosecutor’s office.
Earlier in April, a representative of Rheinmetall informed that the attack affected a business unit of the company that serves industrial customers, in particular in the automotive sector. The defense division of Rheinmetall, which produces military equipment, weapons and ammunition, was not affected and continues to operate as usual.
Note that Rheinmetall already subjected to a cyberattack in 2019 , as a result of which the IT infrastructure of the Rheinmetall Automotive division was infected with malware. Representatives of the company did not disclose the details of the incident. Then the company only stated that the recovery period after the attack would take approximately 2-4 weeks, and the losses would amount to €3 million – €4 million per week.
Black Basta is a ransomware operator and criminal organization offering Ransomware-as-a-Service (RaaS), which first appeared in early 2022 and immediately became one of the most active RaaS threat groups in the world, with over 100 confirmed victims in its first few months of operation.
Recently grouping attacked the Swiss company ABB , one of the world leaders in the field of robotics. According to sources, the attack affected hundreds of company devices. The attack reportedly disrupted the company, delayed projects and affected factories.
Source link
www.securitylab.ru
