Ransomware Attack on A.L.P. Lighting Components by INC_RANSOM Compromises Data
Ransomware Attack on A.L.P. Lighting Components by INC_RANSOM
Company Overview
A.L.P. Lighting Components, established in 1972, is a leading manufacturer and distributor of lighting components. Headquartered in Niles, Illinois, the company operates multiple manufacturing and distribution facilities across the United States and internationally, including locations in Michigan, Tennessee, Georgia, Monterrey (Mexico), and Birmingham (England). With approximately 137 employees, A.L.P. serves a global customer base of nearly 4,000 clients in 21 countries. The company is renowned for its innovative "360° Solutions" suite, which allows for collaboration with customers throughout the entire product lifecycle, from design and prototyping to tooling and manufacturing.
Attack Overview
On July 17, 2024, A.L.P. Lighting Components discovered that they had fallen victim to a ransomware attack orchestrated by the threat actor group known as INC_RANSOM. The attack targeted the company's website, alplighting.com, and compromised sensitive information. While the exact size of the data leak remains unknown, the incident has raised significant concerns about the security of the company's data and operational integrity. A.L.P. Lighting Components is currently investigating the full impact of the attack and working to restore their systems.
About INC_RANSOM
INC_RANSOM is a highly sophisticated cybercriminal group known for its targeted ransomware attacks on corporate and organizational networks. The group employs advanced techniques such as spear-phishing campaigns and exploiting vulnerabilities like CVE-2023-3519 in Citrix NetScaler. INC_RANSOM's attacks involve not only encrypting data but also stealing it and threatening to release it publicly, a tactic known as double extortion. Active since 2023, the group has targeted various industries, including healthcare, education, government entities, and technology companies.
Penetration and Vulnerabilities
The exact method by which INC_RANSOM penetrated A.L.P. Lighting Components' systems is still under investigation. However, the group is known for using both Commercial Off-The-Shelf (COTS) software and legitimate system tools for reconnaissance and lateral movement within a network. The attack on A.L.P. highlights the vulnerabilities that even well-established companies face in the evolving landscape of cyber threats. The incident underscores the importance of robust cybersecurity measures to defend against sophisticated ransomware attacks.
Sources
See Halcyon in action
Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!