Ransomware Attack on Peerless Umbrellas by Cactus Group

Peerless Umbrellas, a well-established manufacturer specializing in high-quality umbrellas and related accessories, has recently fallen victim to a ransomware attack orchestrated by the notorious Cactus Ransomware Group. The attack has compromised a significant amount of sensitive data, posing severe challenges to the company's operations and reputation.

About Peerless Umbrellas

Founded in 1927 and headquartered at 427 Ferry Street, Newark, New Jersey, Peerless Umbrellas is a family-owned business recognized for its innovative umbrella technology and manufacturing. The company employs between 51 and 200 individuals and generates an estimated annual revenue of $23.2 million. Peerless Umbrellas serves the promotional products industry, offering a diverse range of customizable umbrellas and accessories, including golf, fashion, and patio umbrellas. Their commitment to quality and personalized customer service has made them a leader in their sector.

Details of the Attack

The Cactus Ransomware Group, identified in March 2023, has claimed responsibility for the attack on Peerless Umbrellas. The group is known for its double-extortion tactics, where they not only encrypt data but also threaten to leak sensitive information if the ransom is not paid. In this case, the attackers have compromised a wide array of data, including Personal Identifiable Information (PII), database backups, employee and customer data, contracts, financial documents, and corporate correspondence. The stolen data has been made available for download on the dark web, exacerbating the potential damage to Peerless Umbrellas.

About the Cactus Ransomware Group

The Cactus Ransomware Group has quickly become a significant player in the ransomware landscape. They primarily gain access to networks by exploiting known vulnerabilities in VPN devices and data analytics platforms. The group employs sophisticated evasion techniques, including encrypting their own binary to avoid detection by antivirus software. Once inside a network, Cactus establishes command and control communications and disables security software to facilitate their operations. Their rapid adaptation to newly discovered vulnerabilities makes them a formidable threat.

Vulnerabilities and Penetration

Peerless Umbrellas, like many companies in the manufacturing sector, may have been targeted due to potential vulnerabilities in their cybersecurity infrastructure. The Cactus group likely exploited weaknesses in VPN appliances or used phishing attacks to gain initial access. The company's reliance on digital systems for managing customer data and operations could have made them an attractive target for ransomware attacks.

Sources

• Peerless Umbrellas
• Bloomberg - Peerless Umbrella Co. Profile
• Check Point - Cactus Ransomware
• Kroll - Cactus Ransomware
• Trellix - Cactus Ransomware