Decal España Ransomware Attack Exposes Energy Sector Risks
Ransomware Attack on Decal España: A Detailed Analysis
Decal España, a key player in the storage and handling of petroleum products, chemicals, and gases, has recently been targeted by the BlackSuit ransomware group. This attack, discovered on October 1, 2024, highlights the vulnerabilities faced by companies in the energy, utilities, and waste sector.
Company Profile: Decal España
Established in 1988 and headquartered in Barcelona, Decal España is a subsidiary of the Italian Decal S.p.A. The company operates two main terminals in Barcelona and Huelva; the Barcelona terminal alone covers an area of 120,708 m² and has a storage capacity of 495,000 m³. Decal España is renowned for its comprehensive service offerings, including product blending and quality control, which cater to a diverse clientele across various sectors. With a workforce of approximately 96 employees, the company generates an annual revenue estimated between €10 million and €50 million.
Attack Overview
The BlackSuit ransomware group, known for its double extortion tactics, has claimed responsibility for the attack on Decal España. The group typically exfiltrates sensitive data before encrypting files, threatening to publish the data if the ransom is not paid. The extent of the data leak from Decal España remains unclear, but the attack underscores the risks faced by companies handling hazardous materials.
BlackSuit Ransomware Group
Emerging as a successor to the Royal ransomware family, BlackSuit has been active since early 2023. The group distinguishes itself through sophisticated tactics, including using phishing emails for initial access and disabling antivirus software so that data can be exfiltrated. Ransom demands from BlackSuit range from $1 million to $10 million, with payments typically requested in Bitcoin. The group has targeted various sectors, with a notable focus on high-value targets such as healthcare and media companies.
Potential Vulnerabilities
Decal España's strategic location in major ports and its handling of sensitive materials make it an attractive target for ransomware groups like BlackSuit. The company's reliance on digital systems for logistics and storage solutions may have provided an entry point for the attackers. BlackSuit's use of phishing emails as an initial access method suggests that employee awareness and cybersecurity measures could be areas for improvement.