Hensoldt, a multinational defence contractor, disclosed that Lorenz ransomware has infected part of its UK subsidiary's systems. A spokesman for Hensholdt acknowledged the security vulnerability to BleepingComputer this week.
Hensoldt's Head of Public Relations, Lothar Belz, told BleepingComputer, "I can confirm that a small number of mobile devices in our UK subsidiary has been affected."
Belz, on the other hand, refused to provide any other specifics on the incident, adding, "for obvious reasons, we do not reveal any more facts in such cases."
Since April, the Lorenz ransomware group has targeted several institutions around the world, demanding hundreds of thousands of dollars in ransom.
Lorenz operators, like other ransomware groups, use a double-extortion approach, acquiring data before encrypting it and threatening victims if they don't pay the ransom. Ransom demands have been quite high, between $500.000 and $700.000.
Hensoldt AG emphasizes sensor technology for security and surveillance missions in the defence, security, and aerospace sectors. Radar, optoelectronics, and avionics are the company's core product areas, and it is listed on the Frankfurt Stock Exchange.
The defence multinational, which is listed on the Frankfurt Stock Exchange and with a revenue of 1.2 billion euros in 2020, offers sensor solutions for defence, aerospace, and security applications.
The corporation works with the US government on classified and sensitive contracts, and its products include and equip tanks, helicopter platforms, submarines, and Littoral Combat Ships, among other things.
The Lorenz ransomware group has already published the names of the firms that have been compromised on their Tor leak site. The ransomware group claims to have already transferred 95 percent of all stolen files to its leak site as of this time of writing.
The gang named the archive file "Paid," implying that someone else paid to keep the Hensoldt files from being exposed.
Tesorion, a cybersecurity firm, studied the Lorenz ransomware and produced a decryptor that may allow victims to decrypt their files for free in some situations.
