Hanwha Azdel Faces Black Basta Ransomware Attack: Impact and Response

Incident Date: Apr 19, 2024

Attack Overview
VICTIM
Hanwha Azdel
INDUSTRY
Manufacturing
LOCATION
USA
ATTACKER
Blackbasta
FIRST REPORTED
April 19, 2024

Hanwha Azdel Targeted by Black Basta Ransomware Attack

Company Profile

Hanwha Azdel, Inc., a subsidiary of the South Korean conglomerate Hanwha, is a manufacturer based in Forest, Virginia, specializing in Glass Mat Thermoplastic (GMT) composite materials. Founded in 1986, the company has a significant presence in the automotive, recreational vehicle, large truck, and electrical enclosure industries. With 141 employees and an annual revenue of $16 million, Hanwha Azdel stands out for its commitment to innovation and sustainability in the plastics sector.

Attack Overview

The Black Basta ransomware group has claimed responsibility for a cyberattack on Hanwha Azdel, compromising the company's operational integrity by exfiltrating approximately 1 TB of sensitive data. This data includes internal company documents, contracts, agreements, and project drawings. The attack was executed with a sophistication that suggests a high level of planning and targeting, typical of Black Basta's modus operandi.

Vulnerabilities and Targeting

The choice of Hanwha Azdel as a target by Black Basta could be attributed to several factors. The company's significant role in the supply chain of several critical industries makes it a valuable target for ransomware attacks, which aim to disrupt operations and extract valuable corporate data. Additionally, the high volume of sensitive data handled by the company increases the potential payoff for cybercriminals in terms of ransom demands and the sale of stolen data.

Impact and Response

The ransomware attack has put significant pressure on Hanwha Azdel to secure its systems and manage the public relations fallout. The breach not only threatens the financial stability of the company due to potential ransom payments but also risks damaging its reputation with clients and partners. The deadline for the ransom payment has been set for April 26th, 2024, putting the company in a critical position to respond effectively.

Sources

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

1
2
3
Let's get started
1
1
2
3
1
1
2
2
3
Back
Next
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.