Ghim Li Global Pte Ltd Targeted by Cactus Ransomware Group

Company Profile

Ghim Li Global Pte Ltd, established in 1977 by Mdm Estina Ang in Singapore, has evolved from a modest beginning with just six sewing machines to a prominent player in the global textile and apparel manufacturing industry. With a workforce exceeding 9,000 employees, Ghim Li stands out for its commitment to social responsibility and high-quality production standards. The company's integrated supply chain solutions and emphasis on fabric innovation and quality control have positioned it as a leader in the production of lifestyle knitwear apparel.

Details of the Ransomware Attack

The Cactus ransomware group, known for its sophisticated ransomware-as-a-service operations, claimed responsibility for the attack on Ghim Li Global Pte Ltd. The attack compromised the company's website and led to the exfiltration of 88 GB of data, including sensitive personally identifiable information (PII). Following the expiration of the ransom deadline, the attackers published the stolen data, significantly impacting the company's operations and reputation.

Vulnerabilities and Targeting

The company's significant digital footprint and extensive data repositories made it an attractive target for the Cactus group. The company's reliance on interconnected digital systems for managing its vast supply chain likely presented multiple attack vectors for the cybercriminals. Additionally, the high value of the stolen data, including PII, provided a lucrative opportunity for ransom demands and potential data sale on dark web markets.

Sources

• Ghim Li Global Pte Ltd Official Website
• Corporate Information - Ghim Li Global Pte Ltd
• Cactus Ransomware: Decrypting the Cyberthreat - StoneFly
• Cactus Ransomware Employs Unique Encryption Techniques to Avoid Detection - SOC Radar
• Talos Intelligence Quarterly Report Q4 2023