Building technology giant Johnson Controls has confirmed it has been hit by a disruptive cyberattack that appears to have been carried out by a ransomware group.
A Form 8-K deposit by the company this week with the Securities and Exchange Commission (SEC) revealed that some of its internal IT infrastructure and applications had been disrupted following a cybersecurity incident.
An investigation has been launched to determine what type of information may have been compromised.
“To date, many of the company’s applications are largely unaffected and remain operational. Where possible and consistent with its business continuity plans, the Company has implemented workarounds for certain operations to mitigate disruptions and continue to serve its customers. However, the incident has caused, and is expected to continue to cause, disruptions to certain portions of the Company’s business operations,” Johnson Controls said in the SEC filing.
The incident could force the company to delay the release of its fourth quarter and full year financial results.
Johnson Controls provides HVAC, automation, security, safety, smart home, retail, industrial refrigeration and energy solutions and services. The company has more than 100,000 employees in 150 countries.
VX-Underground Threat Intelligence Group reported that a ransomware group known as Dark Angels was behind the attack on Johnson Controls. Hackers claim to have stolen 27TB of data from the company’s systems.
Gameel Ali, researcher and member of VX-Underground, published a screenshot of what appears to be the ransom note sent by the cybercriminals to the company.
There is no mention of Johnson Controls on the ransomware group’s Tor-based leak website as of this writing.
THE Dark angels A gang emerged in May 2022, using both data theft and file-encrypting malware to convince victims to pay a ransom. Hackers have attacked several large organizations in the United States in recent months.
The group created their ransomware using Babuk source code leakedwhich has been used by several malicious actors to create their own malware.
Related: City of Dallas details impact and costs of ransomware attacks
Related: Critical infrastructure organizations warned of Snatch ransomware attacks
Related: Ransomware gang takes credit for disruptive MGM hotels cyberattack