GFM Ltd Hit by Black Basta Ransomware in Major Cyber Attack

Incident Date: Oct 14, 2024

Attack Overview

VICTIM

GFM Ltd

INDUSTRY

Business Services

LOCATION

United Kingdom

ATTACKER

Blackbasta

FIRST REPORTED

October 14, 2024

Request Removal

Ransomware Attack on GFM Ltd by Black Basta: A Detailed Analysis

GFM Ltd, a prominent UK-based facilities management company, has fallen victim to a ransomware attack orchestrated by the notorious Black Basta group. This incident highlights the ongoing threat posed by sophisticated cybercriminals targeting businesses across various sectors.

About GFM Ltd

Established over three decades ago, GFM Ltd has evolved from its construction origins to become a multidisciplined provider of integrated facilities management solutions. The company offers a comprehensive range of services, including asset management, building management, catering, cleaning, energy management, security, and project management. With approximately 102 employees and a reported revenue of around $50 million, GFM Ltd is recognized for its holistic approach to facilities management, emphasizing adaptability and client engagement.

Attack Overview

Black Basta has claimed responsibility for the attack on GFM Ltd, asserting that they have infiltrated the company's systems and accessed sensitive data. The ransomware group has issued a threat to release the compromised data publicly within 5 to 6 days if their demands are not met. This attack underscores the vulnerabilities that facilities management companies face, particularly those with extensive client data and operational dependencies.

About Black Basta

Emerging in early 2022, Black Basta is a ransomware operator known for its targeted attacks and double extortion tactics. The group is believed to have connections to the defunct Conti group, sharing similarities in malware development and operational strategies. Black Basta distinguishes itself by focusing on high-value targets in regions such as the US, UK, and Australia, employing sophisticated methods like spear-phishing and exploiting network vulnerabilities to gain initial access.

Potential Vulnerabilities

GFM Ltd's extensive service offerings and reliance on integrated solutions may have presented multiple entry points for cybercriminals. The company's focus on client-specific solutions and data management could have made it an attractive target for Black Basta, which seeks to maximize leverage through data exfiltration and encryption. The attack on GFM Ltd serves as a stark reminder of the critical need for effective cybersecurity measures in the facilities management sector.

Sources

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.