Cactus Ransomware Strikes Ten-8 Fire and Safety Company

Incident Date: Sep 23, 2024

Attack Overview

VICTIM

Ten-8 Fire and Safety

INDUSTRY

Manufacturing

LOCATION

USA

ATTACKER

Cactus

FIRST REPORTED

September 23, 2024

Request Removal

Cactus Ransomware Group Targets Ten-8 Fire and Safety

In a recent cyberattack, the Cactus ransomware group has claimed responsibility for targeting Ten-8 Fire and Safety, a prominent dealer of fire-rescue apparatus and firefighting equipment. The attack, which reportedly resulted in the exfiltration of 240 GB of data, highlights the vulnerabilities faced by companies in the manufacturing sector, particularly those serving critical emergency services.

About Ten-8 Fire and Safety

Ten-8 Fire and Safety, operating primarily in Florida and Georgia, is a leading distributor of fire trucks, ambulances, and firefighting gear. The company is recognized for its commitment to quality and customer service, serving municipal fire departments and private emergency services. With a workforce of approximately 50 to 74 employees and annual revenue between $24.6 million and $40 million, Ten-8 Fire and Safety stands out for its extensive product offerings and dedication to supporting first responders.

Attack Overview

The Cactus ransomware group, known for its sophisticated tactics, has claimed to have infiltrated Ten-8 Fire and Safety's systems, exfiltrating a significant amount of data. The attack underscores the risks faced by companies in the emergency services sector, where the integrity and availability of data are crucial. The group's use of double extortion tactics, where data is both encrypted and threatened with public release, adds pressure on victims to comply with ransom demands.

About the Cactus Ransomware Group

Identified in March 2023, the Cactus ransomware group has quickly gained notoriety for its ability to exploit vulnerabilities in VPN appliances and data analytics platforms. The group employs a unique approach by encrypting its own binary to evade detection, making it challenging for security teams to respond effectively. Cactus is known for its rapid adaptation to new vulnerabilities, allowing it to launch attacks swiftly and efficiently.

Potential Vulnerabilities

Ten-8 Fire and Safety, like many organizations, may have been vulnerable due to unpatched VPN devices or insufficient security measures. The Cactus group often gains initial access through exploiting known vulnerabilities or using stolen credentials, highlighting the importance of vigilant cybersecurity practices. The attack on Ten-8 Fire and Safety serves as a reminder of the critical need for organizations to remain proactive in their cybersecurity efforts.

Sources

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.