Defense contractor Hensoldt confirms Lorenz ransomware attack

Hensoldt, an international defense contractor headquartered in Germany, has actually validated that a few of its UK subsidiary’s systems were jeopardized in a ransomware attack.

The defense international establishes sensing unit remedies for defense, aerospace, as well as protection applications, is noted on the Frankfurt Stock Exchange, as well as had a turn over of 1.2 billion euros in 2020.

It runs in the United States under an unique contract that enables it to obtain identified as well as delicate United States federal government agreements.

Its items consist of radar ranges, avionics, as well as laser rangefinders utilized on M1 Abrams containers, different helicopter systems, as well as LCS (Littoral Combat Ship) by the United States Army, United States Marine Corps, as well as the United States National Guard.

Hensoldt announced on Thursday that it’s outfitting German-Norwegian U212 CD submarines constructed by the kta consortium with next-generation completely electronic optronics tools.

While the firm is yet to provide a public declaration concerning this case, the Lorenz ransomware gang has actually currently asserted the attack.

On Wednesday, a Hensholdt agent validated Lorenz’s declares after BleepingComputer connected over e-mail.

“I can confirm that a small number of mobile devices in our UK subsidiary has been affected,” Hensoldt’s Head of Public Relations, Lothar Belz, informed BleepingComputer.

However, Belz refuted giving extra details concerning the case, claiming that “for obvious reasons, we do not disclose any more details in such cases.”

Ransomware gang states they were paid

For its component, the Lorenz ransomware team declares to have actually swiped an unrevealed quantity of data from Hensholdt’s network throughout the attack.

The gang states a ransom money has actually been paid, with 95% of all swiped data released on the ransomware’s information leakage site given that December 8, 2021, when the Hensoldt leakage web page was produced.

While Lorenz reveals the leakage as being “Paid,” it’s uncertain if that suggests Hensoldt paid a ransom money or if an additional hazard star bought the information.

Hensoldt Lorenz leak page
Hensoldt Lorenz leakage web page (BleepingComputer)

This is since the Lorenz ransomware gang is recognized for marketing swiped information to various other hazard stars to press targets right into paying ransom money.

If no ransom money is paid besides information is leaked as password-protected RAR archives, Lorenz will certainly likewise launch the password to access the information leakage archives to make the swiped data openly offered to any person that downloads leaked archives.

Lorenz started running in April 2021 as well as has actually given that been targeting venture companies worldwide, requiring thousands of hundreds of bucks in ransom money from each of their targets.

In June, Dutch cybersecurity company Tesorion launched a cost-free Lorenz ransomware decryptor, which targets can make use of to recoup some data kinds, consisting of Office papers, PDF data, pictures, as well as videos.

Leave A Reply

Your email address will not be published.