Ransomware Attack on HITC Telecom by Stormous Group

Overview of HITC Telecom

HITC Telecom, also known as HTC International Telecommunication Joint Stock Company, is a prominent telecommunications provider in Vietnam. The company offers a wide range of services, including mobile, internet, VoIP, and long-distance phone services. With a registered charter capital of approximately $4.3 million, HITC Telecom is headquartered in Hanoi and is recognized as a leading brand in Vietnam and Asia. The company is known for its expertise in wired telecommunications activities and its extensive service portfolio.

Services and Vulnerabilities

HITC Telecom provides critical services such as data center facilities monitoring and site surveys. These services are essential for maintaining and securing telecommunications infrastructure. However, the complexity and sensitivity of these operations make the company a prime target for cyberattacks. The recent ransomware attack highlights the vulnerabilities in their network security, particularly in protecting sensitive data from sophisticated threat actors.

Details of the Ransomware Attack

In a recent cyberattack, the Stormous ransomware group claimed to have stolen approximately 182 GB of sensitive data from HITC Telecom. The group listed HITC Telecom as a victim on their dark web leak site, indicating a significant breach and data exfiltration. Specific details regarding the ransom demands or the company's response have not been disclosed. The attack underscores the growing threat of ransomware to critical infrastructure providers.

Profile of the Stormous Ransomware Group

Stormous is a ransomware group known for its pro-Russian stance and its involvement in high-profile cyberattacks. Active since 2021, the group employs double extortion tactics, threatening to leak sensitive data if ransom demands are not met. Stormous has claimed responsibility for numerous attacks, including breaches of major companies and governmental bodies. The group has recently reactivated its data leak site and formed partnerships with other cybercriminal organizations to expand its operations.

Penetration Tactics

Stormous likely penetrated HITC Telecom's systems through sophisticated phishing attacks, exploiting vulnerabilities in the company's network security. The group's use of double extortion tactics adds pressure on victims to comply with ransom demands, leveraging the potential reputational damage of data leaks. The attack on HITC Telecom highlights the need for robust cybersecurity measures to protect sensitive data and critical infrastructure.

Sources

• HTC International Telecommunication Joint Stock Company - LinkedIn
• HTC International Telecommunication Joint Stock Company - VNBIS
• HTC International Telecommunication Joint Stock Company - Top Brand Vietnam Asia
• Who is Stormous Ransomware Group? - SOCRadar
• Stormous: The Pro-Russian Clout-Hungry Ransomware Gang - Trustwave