A Chicago-based construction and engineering company called Sargent & Lundy has reportedly suffered an attack from the Black Basta ransomware operators.
The affected firm that designs power grids notified its consumers that it spotted an unwanted activity within its systems that resulted in data theft. Based on the initial reports, the attackers got a hold of customers’ names and Social Security numbers.
A legal firm that oversees that breach notification for Sargent & Lundy claimed that the threat actors stole troves of personal data of nearly 7,000 individuals.
A news reporting agency cited two individuals familiar with the cybercriminal investigation and explained that the defenders of the affected company contained the Black Basta ransomware in about 24 hours.
The Black Basta ransomware has been on a rampage since its emergence last April.
Researchers noted that the Black Basta ransomware group is notorious for adopting a double-extortion attack against its victims. They steal files from their victims and use them to extort their targets by threatening to expose the data unless a ransom is provided.
A news broadcasting company described the affected firm’s dissemination of notification as vague since it does not reveal whether the ransomware operators acquired data necessary to start an attack against the power grid.
Fortunately, one of Sargent & Lundy’s representatives informed the authorities that their company had fully recovered from the cybercriminal incident. Hence, the attack does not have a broader impact on power-sector organisations.
Cybersecurity experts stated that the attacks on these sectors are a very severe case of critical infrastructure hacking since they could affect a whole city or state. The best example of this incident is Russia’s cyberattack in 2015 against Ukraine, which caused power outages for over 200,000 Ukrainian that lasted for approximately six hours in some regions.
Furthermore, critical infrastructures should adopt the best security defences to avoid falling victim to threat actors, especially those wanting to cause cyber espionage. Organisations should also invest in teaching their employees to spot phishing attacks or malicious entries since most ransomware attacks start from unaware users.