Johnson Controls International [1] [2] [3] [4] [5], a multinational conglomerate specializing in industrial control systems and security equipment [2], recently experienced a significant ransomware attack originating in Asia. This incident highlights the ongoing threat of ransomware groups and emphasizes the importance of robust cybersecurity measures for organizations [2].
Description
Johnson Controls International [1] [2] [3] [4] [5], a multinational conglomerate specializing in industrial control systems and security equipment [2], recently reported a significant ransomware attack originating in Asia. The attack was carried out by the cybergang Dark Angels and has caused disruptions to their internal IT infrastructure and impacted their subsidiaries, including York [2], Simplex [1] [2] [3], and Ruskin [2]. Specifically targeting their computer networks, the attack resulted in technical outages on customer portals and login pages. Dark Angels has claimed responsibility for the attack and sent a ransom note demanding a settlement of $51 million. They have also threatened to delete over 27 terabytes of stolen corporate data. The encryption of the company’s VMware ESXi machines raises concerns about potential consequences for Johnson Controls’ customers in various industries [3]. While the company’s applications remain operational [1] [3], the financial impact is still being assessed [3]. Johnson Controls has confirmed the cyberattack and is working with external cybersecurity experts [4], insurers [2], and incident management and protection plan to investigate and mitigate the incident.
Conclusion
This ransomware attack on Johnson Controls International has had significant impacts on their internal IT infrastructure and subsidiaries, causing disruptions and technical outages. The threat of ransomware groups like Dark Angels highlights the need for organizations to have robust cybersecurity measures in place. Johnson Controls is actively working with external experts to investigate and mitigate the incident, but the financial impact is still being assessed [3]. This incident serves as a reminder of the ongoing threat posed by ransomware and the importance of proactive cybersecurity measures for organizations in all industries.
References
[1] https://www.threatshub.org/blog/johnson-controls-international-disrupted-by-major-cyberattack/
[2] https://cybermaterial.com/johnson-controls-hit-by-ransomware/
[3] https://www.darkreading.com/ics-ot/johnson-controls-international-hit-with-massive-ransomware-attack
[4] https://gillettnews.com/world/johnson-controls-international-hit-by-massive-ransomware-attack/133986/
[5] https://seekingalpha.com/news/4016064-johnson-controls-hit-with-cybersecurity-breach-massive-ransomware-attack
