Ransomware Attack on Sherwood Stainless & Aluminium by DragonForce

Overview of Sherwood Stainless & Aluminium

Sherwood Stainless & Aluminium Limited, established in 1990, is a prominent UK-based supplier and fabricator specializing in stainless steel and aluminium products. Operating from a 115,000 square foot facility in Wolverhampton, the company is known for its advanced production and distribution capabilities. Sherwood holds ISO9001 and ISO14001 certifications, reflecting its commitment to high standards in quality management and environmental practices.

Core Offerings and Industry Applications

Sherwood's primary focus is on aluminium extrusion, providing bespoke profiles and components. The company also offers stainless steel and aluminium coils, cut blanks, and sheets, catering to industries such as automotive, construction, rail, lighting, and medical. Their technological capabilities include state-of-the-art CAD and 3D design, vertical machining centers, and automated saws, ensuring high-quality and efficient production.

Details of the Ransomware Attack

On a recent occasion, Sherwood Stainless & Aluminium fell victim to a ransomware attack orchestrated by the cybercriminal group DragonForce. The attackers compromised 6.79 GB of data from the company's systems, potentially impacting their operations and client information. The company's website, sherwoodaluminium.com, may also be affected as part of the breach.

About DragonForce Ransomware Group

DragonForce is a relatively new ransomware group that emerged in late 2023. They are known for using double extortion tactics, encrypting victims' data and exfiltrating sensitive information, which they threaten to release publicly if the ransom is not paid. DragonForce has claimed attacks against various industries across the US, UK, Australia, Singapore, and other countries. Their ransomware code is based on a leaked builder from the infamous LockBit ransomware group, suggesting they leveraged this code to quickly develop and deploy their own ransomware.

Potential Vulnerabilities and Penetration Methods

Sherwood Stainless & Aluminium's extensive technological infrastructure, while advanced, may have vulnerabilities that were exploited by DragonForce. The ransomware group could have penetrated the company's systems through phishing attacks, exploiting unpatched software vulnerabilities, or leveraging weak network security protocols. The attack underscores the importance of comprehensive cybersecurity measures, especially for companies with significant digital assets and sensitive client information.

Sources

• Sherwood Stainless & Aluminium
• WatchGuard - DragonForce
• Tripwire - DragonForce Ransomware
• SOCRadar - DragonForce Ransomware