Johnson Controls, a multinational conglomerate specializing in industrial control systems, security equipment, and more, has fallen victim to a large-scale ransomware attack that has severely impacted its operations and various subsidiaries, including York, Simplex, and Ruskin. The attack followed an initial breach at the company’s Asia offices.
Furthermore, subsidiaries have experienced technical outages, with customers reporting disruptions in services. The ransomware group, known as Dark Angels, is demanding a $51 million ransom and claims to have stolen over 27 TB of corporate data while encrypting VMWare ESXi virtual machines. Johnson Controls has confirmed the incident and is collaborating with cybersecurity experts and insurers to investigate and mitigate the damage.
Additionally, dark Angels is a ransomware operation that emerged in May 2022 and has since targeted organizations worldwide. The group utilizes double-extortion tactics, stealing data from corporate networks and launching ransomware attacks.
In the case of Johnson Controls, they deployed a Linux encryptor to encrypt devices across the network. The attack has disrupted parts of Johnson Controls’ business operations, and the company is evaluating the potential impact on its financial results and ability to release its fourth-quarter and full fiscal year results on time.
This incident underscores the ongoing threat posed by ransomware groups like Dark Angels and the importance of robust cybersecurity measures and incident response plans for organizations. As cybercriminals continue to evolve their tactics, businesses must remain vigilant in protecting their data and systems from potential threats.