Automatic Systems, a Belgium-based security system supplier specializing in secure entrance controls and access control equipment, was targeted in a ransomware attack earlier this month. The attack has now been claimed by the notorious ALPHV group, who said they stole sensitive information from the company in addition to encrypting its data.
The ALPHV group announced on its dark web portal that it had successfully targeted Automatic Systems, stealing a vast array of data, including personal data belonging to customers and partners, as well as internal business documents, strategic data, financial and banking data and engineering and technical information about products.
In its announcement, the ALPHV group mocked Automatic Systems’ security measures and claimed that the company’s systems had been easily compromised due to insufficient safeguards.
Upon uncovering the cyber attack, Automatic Systems promptly issued a statement, assuring customers that measures had been taken to halt the progression of the ransomware. The company noted that external cybersecurity experts had been called upon to support the internal IT teams around the clock.
Despite its reassurances, however, the breach has left sensitive information exposed to cybercriminals and has put military and NATO security at risk. ALPHV claimed to have stolen confidential documents related to NATO and the procurement of equipment for military companies, which included installation schemes and data about security equipment. They also claimed to have access to recordings of calls made during the breach.
The ALPHV ransomware group is known for its triple extortion technique, whereby the attackers first gain access to the systems, steal data, and encrypt system information. They then extort money from the victim by first threatening to release the stolen information publicly, and then by threatening to launch a distributed denial of service (DDoS) attack on the victim’s website.
The Automatic Systems attack is a reminder that no organization is immune to cyber attacks, and just how extensive the damage can be when a successful attack does occur. It underlines the importance of having a robust cybersecurity strategy in place to safeguard data and prevent cyber attacks from succeeding.