Ransomware Attack on Voss Belting & Specialty Co. by Cicada3301

Overview of Voss Belting & Specialty Co.

Voss Belting & Specialty Company, established in 1934 by Joseph Voss, is a family-owned business located in Lincolnwood, Illinois. The company specializes in the fabrication of lightweight conveyor belts and timing belts, serving various industries including food handling, original equipment manufacturing (OEM), and general manufacturing. With over 80 years of experience, Voss Belting has built a strong reputation for providing high-quality, custom belting solutions quickly and economically.

Details of the Ransomware Attack

On July 26, 2024, Voss Belting & Specialty Co. fell victim to a ransomware attack orchestrated by the threat actor group Cicada3301. The attack resulted in a significant data breach, compromising approximately 130GB of sensitive information. The company's website, vossbelting.com, was specifically targeted in this malicious act.

About Cicada3301

Cicada3301 is a relatively new threat actor group that emerged in June 2024. Unlike traditional ransomware groups, Cicada3301 operates as a data broker, focusing on stealing sensitive data and selling it on dark web marketplaces. This group distinguishes itself by leveraging the threat of releasing stolen data to pressure organizations, rather than demanding ransom for decryption.

Cicada 3301

To clarify, the name “Cicada 3301” was originally associated with an online puzzle that gained notoriety between 2012-2014. However, the name has since been appropriated by a separate and unrelated ransomware group, which has been the focus of recent reports, including ours.

Halcyon fully respects the legacy of the original “Cicada 3301” organization and recognizes their distinction from the activities of the ransomware group using the same name. Our reporting on the ransomware group is consistent with fair use, aiming to inform the public about cybersecurity threats.  For those interested in the original “Cicada 3301” and their official stance on this matter, we encourage you to visit their statement here.

We appreciate your understanding as we strive to maintain clarity and accuracy in our reporting.

Penetration and Vulnerabilities

While specific details on how Cicada3301 penetrated Voss Belting's systems are not disclosed, common vulnerabilities in manufacturing companies include outdated software, insufficient network segmentation, and lack of employee training on phishing attacks. Given Voss Belting's reliance on advanced materials and state-of-the-art fabrication technology, any breach could severely disrupt their operations and compromise proprietary information.

Impact on Voss Belting

The attack on Voss Belting has significant implications, including potential financial loss, reputational damage, and operational disruptions. The exposure of sensitive data can lead to identity theft, corporate espionage, and regulatory penalties. As a leader in the belting industry, Voss Belting's commitment to quality and innovation makes it a prime target for cybercriminals seeking valuable information.

Sources

   
• Voss Belting & Specialty Co.
   
• Our Company - Voss Belting
   
• LinkedIn - Voss Belting & Specialty Co.