ArcusMedia Ransomware Strikes HM Environmental Services

Incident Date: Nov 21, 2024

Attack Overview

VICTIM

HM Environmental Services

INDUSTRY

Energy, Utilities & Waste

LOCATION

USA

ATTACKER

Arcus Media

FIRST REPORTED

November 21, 2024

Request Removal

Ransomware Attack on HM Environmental Services, Inc. by ArcusMedia

On November 21, 2024, HM Environmental Services, Inc., a prominent environmental remediation contractor based in Clinton Township, Michigan, experienced a ransomware attack orchestrated by the threat actor ArcusMedia. The company specializes in the transportation of hazardous and non-hazardous waste across the Midwest, offering a wide range of environmental services to address industrial and regulated waste management concerns.

Company Overview

HM Environmental Services, Inc. operates under the NAICS codes 562112 and 56211, focusing on hazardous waste management and remediation services. With an annual revenue of approximately $8 million and a staff of around 15 employees, the company stands out for its commitment to safety, compliance, and customer service. They provide services such as transportation, industrial cleaning, environmental remediation, and no-cost environmental surveys to assist businesses in managing waste effectively.

Attack Overview

ArcusMedia, a ransomware group known for its aggressive tactics and double extortion methods, targeted HM Environmental Services, Inc. through phishing emails containing malicious attachments. Once inside the victim's systems, the group deployed custom ransomware binaries, maintained persistence through scheduled tasks, and threatened to leak sensitive information unless a ransom was paid. The attack highlights the vulnerability of companies in the Energy, Utilities & Waste sector to cyber threats.

Ransomware Group Profile

ArcusMedia operates as a Ransomware-as-a-Service (RaaS) and has gained notoriety for its rapid rise in the ransomware landscape. The group distinguishes itself through its affiliate program, where new members must be referred by existing affiliates. They target a diverse array of industries globally, including business services, healthcare, telecommunications, and education, utilizing communication channels like TOR networks and encrypted messaging platforms for negotiation.

Potential Vulnerabilities

HM Environmental Services, Inc. may have been targeted by ArcusMedia due to the sensitive nature of their operations, handling hazardous waste transportation and environmental remediation. The company's reliance on email communication and potential gaps in cybersecurity measures could have provided an entry point for the ransomware group to infiltrate their systems.

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.