Bank Pembangunan Daerah Banten Tbk: Victim of RansomHouse Cyber Extortion
RansomHouse Targets Bank Pembangunan Daerah Banten in Cyber Extortion Scheme
Attack Overview
The ransomware group RansomHouse has claimed responsibility for a cyber attack on PT Bank Pembangunan Daerah Banten Tbk (Bank Banten), a regional development bank in Indonesia. The attack involved the exfiltration of approximately 450 GB of data from the bank's systems. Initial reports indicate that sensitive information may have been leaked online.
Company Profile
Bank Banten, established in 1992, operates as a key financial institution in the Banten province, focusing primarily on micro-enterprises and small to medium enterprises (SMEs). With 829 full-time employees, the bank plays a crucial role in the regional economic development by providing financial services tailored to local needs. The bank is a subsidiary of PT Banten Global Development.
Targeting and Vulnerabilities
The choice of Bank Banten as a target by RansomHouse can be attributed to several factors. As a regional bank with significant local influence, it holds a wealth of sensitive financial data that is attractive to cybercriminals. Furthermore, the transition phases in its history, including name and ownership changes, might have introduced vulnerabilities in its cybersecurity practices, making it a more feasible target for such sophisticated attacks.
RansomHouse's Modus Operandi
RansomHouse distinguishes itself from other cybercriminal groups by not encrypting the victim's data but instead threatening to leak it unless a ransom is paid. This method of operation not only causes immediate disruption but also poses a long-term reputational risk to the victims, compelling them to comply with the ransom demands to safeguard their client's data.
Sources
Disclaimer
The Halcyon Attacks Lookout Database is compiled using publicly available information based on the hosting choices of real-world threat actors and data from a variety of trackers. This information is provided in accordance with principles of fair use. Halcyon has made reasonable efforts to sanitize and verify the data; however, we do not guarantee the accuracy, completeness, or reliability of the information provided. Updates to the database are made as new source data becomes available from reputable sources. By accessing, viewing, or using the information within the Halcyon Attacks Lookout Database, you acknowledge and agree to do so entirely at your own risk. No reliance should be placed upon the information for decision-making, and Halcyon disclaims all liability for any inaccuracies or omissions in the data.
See Halcyon in action
Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!