Storck-Baugesellschaft mbH Targeted by INC Ransom in Cyberattack

Storck-Baugesellschaft mbH, a prominent German construction company, has recently fallen victim to a ransomware attack orchestrated by the notorious cybercriminal group, INC Ransom. This incident highlights the growing threat of ransomware attacks on industries that are increasingly dependent on digital infrastructure.

Company Profile and Industry Standing

Founded in 1986 and headquartered in Gelsenkirchen, Storck-Baugesellschaft mbH specializes in technically demanding and time-sensitive construction projects. The company is renowned for its ability to deliver comprehensive "turnkey" solutions, managing everything from initial groundwork to final interior finishes. Their expertise is particularly evident in urban settings, where they have successfully executed complex projects such as the installation of a circular escalator shaft within an operational department store in Berlin. The company employs around 60 experienced professionals, including engineers and skilled tradespeople, and is recognized for its commitment to high-quality standards and employee development.

Ransomware Attack Overview

INC Ransom has claimed responsibility for the attack on Storck-Baugesellschaft mbH, asserting that they have infiltrated the company's systems and exfiltrated its database. This breach poses a significant threat to the company's operations, potentially affecting project timelines, client confidentiality, and financial stability. The attack underscores the vulnerabilities present in the construction sector, which, like many industries, increasingly relies on digital infrastructure for its operations.

About INC Ransom

INC Ransom is a highly sophisticated ransomware group known for its targeted attacks on corporate and organizational networks. The group employs advanced techniques such as spear-phishing campaigns and exploits vulnerabilities like CVE-2023-3519 in Citrix NetScaler. Their attacks involve not only encrypting data but also stealing it and threatening to release it publicly, a tactic known as double extortion. INC Ransom has been active since 2023 and has targeted various industries, including healthcare, education, and technology companies.

Potential Vulnerabilities and Attack Vector

While specific details of how INC Ransom penetrated Storck-Baugesellschaft's systems remain undisclosed, the group's known methods suggest potential vulnerabilities in the company's cybersecurity infrastructure. The reliance on digital systems for project management and communication could have provided an entry point for the attackers. This incident serves as a stark reminder of the importance of effective cybersecurity measures in protecting sensitive data and maintaining operational integrity.

Sources

• Storck-Baugesellschaft mbH Official Website
• SOCRadar - Dark Web Profile: INC Ransom
• SentinelOne - INC Ransom
• Security Affairs - INC Ransom Ransomware