FOG Ransomware Hits Global Giant The Getz Group

Incident Date: Oct 24, 2024

Attack Overview
Victim: The Getz Group
Industry: Business Services
Location: Singapore
Attacker: Fog
First Reported: October 24, 2024

FOG Ransomware Targets The Getz Group: A Detailed Analysis

The Getz Group, a prominent international marketing and services company, has recently fallen victim to a ransomware attack orchestrated by the FOG ransomware group. This incident underscores the growing threat of cyberattacks on large multinational corporations, particularly those with extensive global operations.

About The Getz Group

Founded in 1852, The Getz Group is headquartered in Singapore and operates across various sectors, including healthcare, consumer products, logistics, and food processing. With a presence in 94 countries and over 80 offices, the company employs more than 21,500 people and generates annual revenues exceeding $2 billion. The Group's operations are primarily focused in the Asia-Pacific region, with expansions into the Middle East and Africa. Its strategic business units allow for flexibility and responsiveness to market needs, making it a leader in creating sustainable business solutions.

Attack Overview

The FOG ransomware group has claimed responsibility for the attack on Getz Bros. & Co. (HK) Ltd, a subsidiary of The Getz Group operating in the manufacturing sector. The attackers reportedly exfiltrated approximately 45 GB of sensitive data, including human resources records, client contact information, internal financial documents, trading agreements, and login credentials. This breach highlights significant vulnerabilities in the company's data protection measures, posing potential risks to its operations and reputation.

FOG Ransomware Group

FOG ransomware, a variant of the STOP/DJVU family, is known for its disruptive capabilities, primarily targeting Windows systems but also affecting Linux environments. The group distinguishes itself through rapid encryption and sophisticated infiltration techniques, such as using compromised VPN credentials and exploiting known application vulnerabilities. In recent developments, FOG has shifted its focus towards more lucrative targets, including the financial sector, indicating its evolution into a more prominent cybercrime organization.

Potential Vulnerabilities

The Getz Group's extensive network and complex operational structure may have contributed to its vulnerability to such an attack. The company's reliance on digital infrastructure for its global operations could have provided multiple entry points for the ransomware group. Additionally, the exfiltration of sensitive data suggests potential weaknesses in the company's cybersecurity protocols, particularly in safeguarding critical information from unauthorized access.
