Search This Blog

Powered by Blogger.

Blog Archive

Labels

Ransomware Attack Hits Sandhills Online Machinery Market

Conti ransomware attack is behind these outages, as per the numerous sources.

 

Sandhills Global, a leading industry publication, has been hit by a ransomware assault, resulting in hosted websites being unavailable and affecting their company operations. 

Sandhills Global is a trade publishing and hosting firm headquartered in the United States that serves the transportation, agriculture, aircraft, heavy machinery, and technology industries. 

The firm offers a variety of printed and online trade magazines that include industry news as well as a marketplace for dealers to sell relevant new and old machinery. 

Sandhills Global's website and all of their hosted publications went offline on October 1, and their phones stopped working. Users are presented with a Cloudflare Origin DNS error page while attempting to access websites hosted on Sandhills' platform, suggesting that Cloudflare is unable to connect to Sandhills' servers. 

Several sources have informed BleepingComputer that the disruptions are the result of a Conti ransomware assault. This attack reportedly happened in the early morning on Thursday, leading the firm to take down all of its IT systems to stop the escalation of the attack.

Over the years, the Conti ransomware group has been involved in a large number of attacks, including high-profile operations targeting JVCKenwood, the City of Tulsa, Ireland's Health Service Executive (HSE), and Advantech. 

When carrying out assaults, the Conti group generally steals files before encrypting devices to use them as extra leverage during extortion operations. They then demand multi-million dollar ransom payments in order to receive a decryptor and not leak stolen data. 

It's unclear how much the Conti seeks from Sandhills, or whether they acquired data during the attack. Sandhills has been contacted by BleepingComputer with questions regarding the assault but didn't receive any response. 

While Sandhills Global has not responded to the email, a customer shared an email with BleepingComputer which confirmed the ransomware assault. 

The email stated, “Sandhills Global is currently responding to a ransomware attack that impacted our operations. Systems and operations have been temporarily shut down to protect data and information, and we have retained cybersecurity experts to assist us with the investigation, which is ongoing. We are working actively and diligently with the assistance of our retained experts to fully restore operations. At this time, we are continuing to investigate whether any of our client's information has been accessed or impacted by this incident. 

At this time, we have not discovered evidence that confirms that customer information has been compromised. Please know that our clients are our number one priority and we are working diligently to restore operations and remediate the attack. At this time, our ability to respond to your messages may be delayed. 

We appreciate your patience and deeply regret any inconvenience this may cause. We will provide updates regarding this matter and the status of our services as soon as possible.”
Share it:

Computer servers

Conti Ransomware

Cyber Attacks

Market

Ransomware

Website Attack