onyx attacks Baltholding OÜ

Incident Date: Jul 26, 2022

Attack Overview
VICTIM
Baltholding OÜ
INDUSTRY
Media & Internet
LOCATION
Estonia
ATTACKER
Onyx
FIRST REPORTED
July 26, 2022

Balt Group Suffers Ransomware Attack by Onyx Group

Balt Group, a prominent entity in the Media & Internet sector, recently fell victim to a ransomware attack orchestrated by the Onyx group. This incident was disclosed on the group's dark web leak site, with Balt Group's official website being https://baltgroup.com/. The company is renowned for its extensive range of medical devices designed for the treatment of ischemic and hemorrhagic stroke, alongside a suite of products aimed at peripheral embolization.

Despite the lack of detailed public information regarding the company's size and specifics, its website prominently features its mission and dedication to human resources and employee satisfaction. The search results do not explicitly address the company's vulnerabilities that made it a target for cybercriminals.

The landscape of ransomware has witnessed a notable surge in the frequency, scope, and magnitude of attacks throughout 2023, with ransomware payments surpassing the $1 billion mark. The assault on Balt Group is indicative of this trend, showcasing the diverse range of actors, from expansive syndicates to smaller factions and solo perpetrators, engaging in ransomware activities. The Onyx group represents one of the numerous ransomware variants active in 2023, with certain variants adopting the Ransomware as a Service (RaaS) model. This model allows affiliates to deploy the malware in executing attacks.

In light of such threats, organizations are encouraged to adopt preventative strategies, including stringent access control, robust data backup solutions, and the deployment of machine learning algorithms for ransomware detection. Nonetheless, these preventative measures come with their own set of challenges, including significant overheads and potential impacts on performance.

It is imperative for Balt Group to undertake immediate measures to mitigate the repercussions of the ransomware attack. This entails isolating the compromised systems, restoring data from backups, and consulting with cybersecurity specialists to gauge the attack's full scope and formulate comprehensive long-term security strategies.

Sources

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

1
2
3
Let's get started
1
1
2
3
1
1
2
2
3
Back
Next
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.