Ransomware Strikes Cottle's Asphalt by BlackSuit Group
Ransomware Attack on Cottle's Asphalt Maintenance Inc. by BlackSuit
Cottle's Asphalt Maintenance Inc., a reputable infrastructure contracting firm based in Everett, Pennsylvania, has recently been targeted by the notorious ransomware group BlackSuit. This attack, discovered on September 24, has raised significant concerns about the security of sensitive data within the construction sector.
Company Profile and Industry Standing
Cottle's Asphalt Maintenance Inc. is a well-established company specializing in asphalt paving and construction services. With over 22 years of experience, the company has built a strong reputation for quality and responsiveness, particularly in emergency repairs for the Pennsylvania Department of Transportation. Employing between 11 to 50 individuals, Cottle's Inc. is recognized for its commitment to high-quality construction projects and its design-build approach, which integrates design and construction phases to streamline project delivery.
Vulnerabilities and Targeting
The construction sector, while traditionally focused on physical infrastructure, is increasingly becoming a target for cyber threats due to its reliance on digital systems for project management and communication. Cottle's Inc.'s commitment to quality and safety, while a strength, also necessitates the use of advanced technologies, which can introduce vulnerabilities if not adequately protected. The company's involvement in both public and private sector projects may have made it an attractive target for BlackSuit, which is known for targeting high-value entities.
Attack Overview
The BlackSuit ransomware group, known for its double extortion tactics, has claimed responsibility for the attack on Cottle's Inc. This group typically exfiltrates sensitive data before encrypting it, threatening to release the information unless a ransom is paid. While the exact size of the data leak from Cottle's Inc. remains undetermined, the potential compromise of sensitive information poses a significant risk to the company's operations and reputation.
About BlackSuit Ransomware Group
BlackSuit, a successor to the Royal ransomware family, has distinguished itself through sophisticated tactics, including data exfiltration and extortion. The group often gains initial access through phishing emails, disabling antivirus software, and exfiltrating data before deploying ransomware. Their ransom demands can range from $1 million to $10 million, with payments typically requested in Bitcoin. BlackSuit's focus on high-value targets, such as healthcare and media companies, underscores the threat they pose to industries like construction.
Sources
See Halcyon in action
Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!