Ransomware Hits TRC Worldwide Engineering by Akira Group

Incident Date: Oct 03, 2024

Attack Overview

VICTIM

TRC Worldwide Engineering (Trcww)

INDUSTRY

Construction

LOCATION

USA

ATTACKER

Akira

FIRST REPORTED

October 3, 2024

Request Removal

Ransomware Attack on TRC Worldwide Engineering by Akira Group

TRC Worldwide Engineering, a well-established engineering consulting firm, has recently been targeted by the notorious ransomware group Akira. This attack highlights the vulnerabilities faced by companies in the construction and engineering sectors, emphasizing the need for heightened cybersecurity measures.

About TRC Worldwide Engineering

Founded in 1989 and headquartered in Brentwood, Tennessee, TRC Worldwide Engineering is a comprehensive engineering consulting firm. The company employs approximately 316 staff members and reported annual revenues of around $90.3 million. TRC operates across multiple sectors, offering services such as structural engineering, civil transportation engineering, mechanical and electrical engineering, and precast concrete design. The firm is known for its commitment to service, innovation, and quality, which has helped it build long-term relationships within the industry.

Attack Overview

The ransomware attack on TRC Worldwide Engineering was publicly claimed by the Akira group on their dark web leak site. While specific details about the data affected, the ransom demanded, or the method of infiltration have not been disclosed, such attacks typically involve the encryption of critical data, rendering it inaccessible until a ransom is paid. This incident underscores the persistent threat posed by ransomware groups and the potential for significant financial and reputational damage.

About Akira Ransomware Group

Akira is a ransomware variant that emerged in March 2023, quickly gaining notoriety for its sophisticated attack methods. The group employs a hybrid encryption scheme combining the ChaCha20 stream cipher with RSA public-key cryptography. Akira operates using a double-extortion model, where it not only encrypts data but also exfiltrates sensitive information before demanding a ransom. The group is known for targeting larger organizations across various sectors, including education, finance, and healthcare.

Potential Vulnerabilities

TRC Worldwide Engineering's diverse portfolio and extensive operations across the United States may have made it an attractive target for the Akira group. The firm's reliance on state-of-the-art software and innovative design techniques could have presented potential entry points for cybercriminals. Akira is known to exploit vulnerabilities in VPN software and utilize compromised login credentials to gain unauthorized access, which may have been factors in this attack.

Sources

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.