The ALPHV/BlackCat ransomware group alleged the KHS&S cyberattack on its dark web channel. The threat actor claimed responsibility for the February 21, 2024 cyberattack and shared a deadline of 3 days from the day of publication on the organization.
KHS&S Contractors, a major US-based construction company, is reportedly facing this ransomware group that claims access to an undisclosed amount of data.
The message posted by ALPHV/BlackCat Ransomware The group, directed directly to KHS&S, was short but worrying: “KHS&S CONTRACTORS (You have 3 days).
With a turnover of $49.9 million, KHS&S Contractors found itself in the crosshairs of cybercriminals, with the extent of the damage still to be understood.
Alleged KHS&S Cyberattack Claims on the Dark Web
To learn more about this alleged cyberattack against KHS&S, The Cyber Express quickly contacted the organization for clarification and information. However, as of this writing, the organization has not shared any official statement or response to the alleged KHS&S cyberattack, leaving the organization’s claims cyber attack suspended in uncertainty.
Despite the lack of official recognition, skepticism has emerged over the validity of the attack. The KHS&S website appears operational, showing no immediate signs of disruption or compromise.
However, we know that cyber Attackers often target backend systems and databases rather than launching front-end attacks.
Indeed, the KHS&S cyberattack, if confirmed, would be emblematic of a broader trend within the construction sector. In recent years, there has been an increase ransomware attacks targeting construction companies, Nordlocker, a leading encryption software company, ranking the sector as the most vulnerable to such incursions for two of the last three years.
Vulnerabilities within construction companies
THE vulnerabilities inherent to the construction sector constitute an irresistible victim for cybercriminals. The use of modern digital tools, computer aided design (CAD) has building information modeling (BIM)exposes businesses to increased risks.
The problem is compounded by the often lax posture of many construction companies when it comes to cybersecurity, coupled with employee training in identifying and mitigating cyber threats.
The increase in cyberattacks against construction companies is becoming evident with incidents such as the Cyberattack on Simpson Manufacturing in 2023. The California engineering company, known for its wood and concrete construction products, found itself the victim of a cyberattack that caused critical IT systems to shut down.
In a filing with the SEC, Simpson Manufacturing acknowledged the cybersecurity incident, revealing disruptions to its IT infrastructure and applications. The company’s response was to take affected systems offline in an effort to contain the breach, highlighting the severity and persistence of cyber threats facing the construction industry.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only and users take full responsibility for their reliance on it. The Cyber Express assumes no responsibility for the accuracy or consequences of the use of this information.