Fitzemeyer & Tocci Faces Major Ransomware Breach by Abyss Group

Incident Date: Sep 23, 2024

Attack Overview
Victim: Fitzemeyer & Tocci Associates
Industry: Construction
Location: USA
Attacker: Abyss
First Reported: September 23, 2024

Ransomware Attack on Fitzemeyer & Tocci Associates by Abyss Group

Fitzemeyer & Tocci Associates, a prominent engineering firm based in Woburn, Massachusetts, has recently fallen victim to a ransomware attack orchestrated by the Abyss ransomware group. The attack has reportedly resulted in the exfiltration of 8.4 terabytes of uncompressed data, marking a significant breach in the company's cybersecurity defenses.

About Fitzemeyer & Tocci Associates

Founded in 1961, Fitzemeyer & Tocci Associates is a well-established firm specializing in mechanical, electrical, and plumbing (MEP) engineering, as well as fire protection services. The company is recognized for its expertise in facility design, construction administration, infrastructure modernization, and building optimization. With a workforce of between 51 and 200 employees, the firm has built a reputation for delivering innovative engineering solutions across sectors such as healthcare, education, industrial, and infrastructure projects.

Fitzemeyer & Tocci's commitment to leveraging modern technology, including the use of Autodesk Construction Cloud solutions, underscores its dedication to enhancing project management and communication. This technological adoption, while beneficial, may also present vulnerabilities that threat actors like the Abyss group could exploit.

Details of the Attack

The Abyss ransomware group, known for its multi-extortion tactics, has claimed responsibility for the attack on Fitzemeyer & Tocci. The group primarily targets VMware ESXi environments and has a history of exploiting weak SSH configurations to gain initial access. The attack on Fitzemeyer & Tocci highlights the growing threat posed by ransomware groups to mid-sized engineering firms, which may lack the comprehensive cybersecurity measures of larger enterprises.

About the Abyss Ransomware Group

Emerging in March 2023, the Abyss ransomware group has quickly established itself as a formidable threat in the cybersecurity landscape. The group is known for its TOR-based website, where it lists victims and publishes exfiltrated data if ransom demands are not met. Abyss has targeted various industries, including finance, manufacturing, and healthcare, with a particular focus on the United States. Its operations are characterized by the use of ransomware payloads derived from the Babuk codebase, which are capable of encrypting both Windows and Linux systems.

The attack on Fitzemeyer & Tocci Associates underscores the need for organizations to remain vigilant against evolving ransomware threats and to continuously assess and strengthen their cybersecurity posture.
