
Bombardier Faces Ransomware as Foreign Policies to Prevent Such Attacks Gain More Attention

Canadian snowmobile, motorcycle, and ATV manufacturer Bombardier Recreational Products was hit by a ransomware attack earlier this month. The attack has since been claimed by the RansomEXX ransomware group.

Ransomware Halts Operations

All BRP operations were temporarily disrupted by the malicious cyber activity, which the company first reported on Aug. 8. However, production at four manufacturing sites in Canada, the U.S., Austria, and Finland resumed a week later.

Threat actors behind the attack were able to infiltrate the company’s internal systems through a supply chain attack, according to BRP. Meanwhile, BRP was listed on the leak site of the RansomEXX ransomware gang on Tuesday.

The ransomware group also leaked 29.9 GB of stolen files, non-disclosure agreements, material supply deals, contract renewals, passports, and IDs. The legitimacy of the exposed documents was verified, and it was noted that employees who may have been affected had already been notified.

Russia-Based Hackers’ Harmful Influence on Many Countries

Last May, Americans up and down the East Coast waited in long gas lines. The panic wasn’t caused by a foreign war or sanctions—it was triggered by a Russian ransomware attack.

The Russia-based criminal group DarkSide had infected Colonial Pipeline and demanded millions of dollars to unlock information technology systems. Colonial shut down the flow of fuel from the Gulf Coast for a week, even after paying the hackers roughly $5 million.

Soon after, DarkSide went dark when its blog site and payment server were taken down by its service provider. However, the group rebranded itself as BlackMatter in an attempt to avoid law enforcement.

That tactic worked until Russian authorities arrested a DarkSide hacker behind the Colonial Pipeline attack in January. This happened shortly after President Joe Biden asked President Vladimir Putin to crack down on Russian cybercriminals.

Conti Pledges Loyalty To Its Sovereignty

Conti drew undue attention after the Russian invasion of Ukraine by officially announcing full support for the Russian government. Furthermore, it declared that it would strike back at the critical infrastructure of any country that decided to organize war activities against Russia.

In response, an infuriated Ukrainian security researcher leaked thousands of internal Conti messages and the source code for the Conti ransomware encryptor and decryptor. Within months, the Conti operation shut down its public-facing internet sites used to leak data and negotiate with victims.

 
