Monti Ransomware Strikes Anderson Miller Ltd in Chicago

Incident Date: Nov 19, 2024

Attack Overview
Victim: Anderson Miller LTD
Industry: Hospitality
Location: USA
Attacker: Monti
First Reported: November 19, 2024

Monti Ransomware Attack on Anderson/Miller, Ltd.

Anderson/Miller, Ltd. (AML), a distinguished architectural and interior design firm based in Chicago, Illinois, has recently fallen victim to a ransomware attack orchestrated by the Monti group. Specializing in luxury interiors for the hospitality sector, AML has built a reputation over its 40-year history for delivering high-quality design solutions that emphasize authenticity and a strong sense of place. The firm operates with a small team of fewer than ten employees, which allows for an agile structure and close client relationships.

Attack Overview

The ransomware attack on AML was claimed by the Monti group via their dark web leak site. The attack, which occurred on November 20, 2023, has raised concerns about the security vulnerabilities of small firms in the architectural industry. The exact size of the data leak remains unknown, but the incident underscores the growing threat of ransomware attacks on companies with high-value clientele and sensitive project data.

About Anderson/Miller, Ltd.

AML's focus on hospitality projects, which constitute approximately 93% of their work, has allowed them to cultivate a nearly 90% repeat client base. This specialization, combined with their commitment to diversity as a 100% Women Business Enterprise, distinguishes them in the competitive landscape of architectural firms. Notable projects include the Park Hyatt Chicago and Four Seasons Orlando, showcasing their expertise in creating transformative environments.

Monti Ransomware Group

Monti ransomware emerged in June 2022, following the disbandment of the Conti group. Known for its strategic mimicry of Conti's tactics, Monti has targeted the legal, financial, and government sectors. The group employs sophisticated methods, including exploiting vulnerabilities like Log4Shell, to infiltrate networks. Monti's recent operations have included a new Linux-based variant, indicating an evolution in their attack strategies.

Potential Vulnerabilities

AML's small team size and high-profile project portfolio may have made them an attractive target for Monti. The firm's reliance on digital tools for design and project management could have exposed them to vulnerabilities exploited by the ransomware group. Monti's use of remote monitoring tools and advanced encryption techniques further complicates the defense against such attacks.
