sparta attacks Copisa

Incident Date: Sep 22, 2022

Attack Overview

VICTIM

Copisa

INDUSTRY

Construction

LOCATION

Spain

ATTACKER

Sparta

FIRST REPORTED

September 22, 2022

Request Removal

Grupo Copisa Suffers Ransomware Attack by Sparta Group

Company Overview

Grupo Copisa, a leading entity in the construction industry, is distinguished by its commitment to sustainable practices and the integration of Building Information Modeling (BIM) technology. Their dedication to innovation and quality is evident in their approach to the design, auditing, and monitoring of construction projects.

Vulnerabilities and Targeting

The Sparta ransomware group has successfully exploited vulnerabilities within Grupo Copisa's systems, resulting in the encryption of their files and a subsequent ransom demand for the decryption key. Notably, the attackers employed a custom VSS Copying Tool to exfiltrate files from shadow volume copies, circumventing the protection typically provided when files are actively used by applications.

Industry Impact

The construction sector has increasingly become a target for ransomware attacks, leading to substantial financial losses and operational disruptions for affected companies. The prevalence of such attacks is underscored by statistics indicating that 71% of companies have experienced ransomware incidents, with the average financial impact per incident reaching $4.35 million.

Mitigation Strategies

To counter the threat of ransomware, organizations are advised to proactively address known system vulnerabilities, enforce multifactor authentication, ensure the availability of offline data backups, and maintain up-to-date operating systems, software, and firmware.

The Sparta ransomware attack on Grupo Copisa underscores the critical importance of comprehensive cybersecurity measures within the construction industry. By adhering to established best practices and remaining alert to new threats, companies can significantly diminish their risk of ransomware attacks and mitigate their potential consequences.

Sources

Grupo Copisa | Construcción sostenible
FBI: Play ransomware breached 300 victims, including critical orgs. URL: https://www.fbi.gov/news/stories/play-ransomware-091522
Ransomware Attack - What is it and How Does it Work? - Check Point. URL: https://www.checkpoint.com/cyber-hub/threat-prevention/ransomware-attack/

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.