Hackers from Dark Angels powerfully hit the wallet of an American company.
The American corporation Johnson Controls, which develops industrial automation, security and air conditioning systems, confirmed that the cyber attack it suffered in September 2023 cost it $27 million in costs. In addition, as a result of the attack, attackers stole terabytes of confidential company data.
According to a report submitted by Johnson Controls to the U.S. Securities and Exchange Commission (SEC), on September 23, 2023, a part of the company's IT infrastructure was attacked using ransomware. Attackers gained unauthorized access, stole data, and deployed file encryptors.
The attack was carried out by the hacker group Dark Angels, active since May 2022. She said that she stole more than 27 TB of confidential Johnson Controls data, deleting backups, and demanded $51 million in ransom for not publishing the stolen data and providing a decryption tool.
A buyout note addressed to Johnson Controls management
The corporation decided not to go along with the attackers and did not pay the ransom. The cost of responding to and eliminating the consequences of a cyberattack was about $27 million. These costs include immediate response measures, system recovery after an attack, and insurance indemnity payments.
It is expected that with the ongoing investigation and work with external cybersecurity experts, costs will increase even more.
Initially, the cyberattack affected Johnson Controls ' offices in Asia. From there, the attackers spread across the corporate network, forcing the company to disable a significant part of its IT infrastructure, including customer-oriented systems.
All this has led to disruptions in the provision of services. Then Johnson Controls only confirmed the "cybersecurity incident", without disclosing its details and the possibility of data leakage.
Only now, in a report to the SEC, the company officially classified the incident as a cyberattack using malware for extortion, which resulted in data theft.
Johnson Controls assured that unauthorized activity is completely localized, and the company's digital products and services, including OpenBlue and Metasys, are now fully available.
However, a full recovery may take some time. An investigation is currently underway to determine the full amount of data stolen by hackers. The company also works with external experts to restore security systems to avoid repeated attacks.
Experts note that such cyber attacks pose a serious threat to any companies, and for industrial corporations they can lead to huge production and financial losses.
Therefore, after eliminating the immediate consequences of the incident, Johnson Controls is likely to have a large-scale work to review all its security systems. And this will also require additional investment to protect against future attacks.
The American corporation Johnson Controls, which develops industrial automation, security and air conditioning systems, confirmed that the cyber attack it suffered in September 2023 cost it $27 million in costs. In addition, as a result of the attack, attackers stole terabytes of confidential company data.
According to a report submitted by Johnson Controls to the U.S. Securities and Exchange Commission (SEC), on September 23, 2023, a part of the company's IT infrastructure was attacked using ransomware. Attackers gained unauthorized access, stole data, and deployed file encryptors.
The attack was carried out by the hacker group Dark Angels, active since May 2022. She said that she stole more than 27 TB of confidential Johnson Controls data, deleting backups, and demanded $51 million in ransom for not publishing the stolen data and providing a decryption tool.
A buyout note addressed to Johnson Controls management
The corporation decided not to go along with the attackers and did not pay the ransom. The cost of responding to and eliminating the consequences of a cyberattack was about $27 million. These costs include immediate response measures, system recovery after an attack, and insurance indemnity payments.
It is expected that with the ongoing investigation and work with external cybersecurity experts, costs will increase even more.
Initially, the cyberattack affected Johnson Controls ' offices in Asia. From there, the attackers spread across the corporate network, forcing the company to disable a significant part of its IT infrastructure, including customer-oriented systems.
All this has led to disruptions in the provision of services. Then Johnson Controls only confirmed the "cybersecurity incident", without disclosing its details and the possibility of data leakage.
Only now, in a report to the SEC, the company officially classified the incident as a cyberattack using malware for extortion, which resulted in data theft.
Johnson Controls assured that unauthorized activity is completely localized, and the company's digital products and services, including OpenBlue and Metasys, are now fully available.
However, a full recovery may take some time. An investigation is currently underway to determine the full amount of data stolen by hackers. The company also works with external experts to restore security systems to avoid repeated attacks.
Experts note that such cyber attacks pose a serious threat to any companies, and for industrial corporations they can lead to huge production and financial losses.
Therefore, after eliminating the immediate consequences of the incident, Johnson Controls is likely to have a large-scale work to review all its security systems. And this will also require additional investment to protect against future attacks.
