BianLian Ransomware Hits Air Transport Services Group

Incident Date: Nov 09, 2024

Attack Overview

Victim: ATSG, Inc
Industry: Transportation
Location: USA
Attacker: BianLian
First Reported: November 9, 2024

Ransomware Attack on Air Transport Services Group by BianLian

Air Transport Services Group, Inc. (ATSG), a leading provider in the aviation sector, has recently fallen victim to a ransomware attack orchestrated by the notorious BianLian group. This breach has significant implications, affecting approximately 910,000 individuals and exposing sensitive data across various domains.

ATSG: A Leader in Aviation

Headquartered in Wilmington, Ohio, ATSG is a prominent player in the air cargo transportation and aircraft leasing sectors. The company operates through several subsidiaries, including ABX Air and Air Transport International, providing comprehensive air transport solutions. ATSG's strategic partnerships with major logistics companies like Amazon and DHL Express underscore its importance in the industry. The company employs around 5,280 individuals and operates a diverse fleet of approximately 130 aircraft, including Boeing and Airbus models.

Vulnerabilities and Impact

ATSG's multifaceted operations and extensive partnerships make it a lucrative target for cybercriminals. The recent ransomware attack by BianLian has compromised financial and human resources information, personally identifiable information (PII), and protected health information (PHI) records. The breach also exposed contracts, confidential agreements, and critical intellectual property, highlighting the severe impact on ATSG and its associated entities.

BianLian: A Notorious Ransomware Group

BianLian, known for its adaptability and diverse attack strategies, has been a significant threat since its emergence in 2022. The group employs a multi-stage attack methodology, often gaining initial access through compromised Remote Desktop Protocol (RDP) credentials or phishing. BianLian's shift from a double-extortion model to a pure data exfiltration approach reflects its evolving tactics. This strategy focuses on stealing data and threatening to release it, compelling victims to pay ransoms.

Attack Overview

The attack on ATSG was confirmed by the company, with the BianLian group listing ATSG on its data leak site. The breach has had a cascading effect, with Boston Children’s Health Physicians also confirming a ransomware incident linked to the ATSG breach. The compromised data includes sensitive information from local and international clients, customers, and partners, emphasizing the widespread impact of this attack.
