Ransomware Attack on Fifteenfortyseven Critical Systems Realty by Fog Group

Fifteenfortyseven Critical Systems Realty, commonly known as 1547, has fallen victim to a ransomware attack orchestrated by the Fog ransomware group. As a leading developer, operator, and owner of custom-designed data centers in North America and Europe, 1547 manages over 1.1 million square feet of data center space. The attack on 1547 compromised 6 GB of data, including sensitive information such as employee and customer contacts, human resources data, NDAs, and insurance certificates. The company's revenue is reported to be $5,000,000.

Company Overview

1547 stands out in the data center industry due to its emphasis on connectivity and interconnection. The company's portfolio includes carrier hotels and core connectivity hubs, allowing them to provide tailored mission-critical solutions from concept to connection. With a focus on optimizing returns for stakeholders through strategic site selection and facility design, 1547 has established itself as a prominent player in the digital infrastructure sector.

Group Details

The Fog ransomware group, also known as "Lost in the Fog," is a variant of the STOP/DJVU ransomware family. Known for its double extortion tactic, Fog encrypts data and threatens to leak sensitive information on the dark web unless ransom demands are met. The group typically gains initial access through compromised VPN credentials, weak RDP configurations, or phishing attacks. Once inside a network, Fog uses tools like Cobalt Strike and Mimikatz to escalate privileges and encrypt files on multiple devices quickly. The ransomware encrypts files using strong algorithms and appends specific extensions while also exfiltrating data for leverage during negotiations.

Sources:

• 1547 Critical Systems Realty Website
• Computer Weekly - Fog Ransomware
• Arete Incident Response - Fog Ransomware
• Adlumin - Fog Ransomware Targeting Financial Sector
• Red Piranha - Fog Ransomware Overview