On May 7, 2023, Swiss-based electrification and automation solutions company ABB was attacked by Black Basta ransomware. This attack affected the company’s Windows Active Directory and hundreds of devices, leading to delays in various projects and disruption of factories. ABB has around 105,000 employees and generated $29.4 billion in revenue in 2022. Its customers include Volvo, Hitachi, DS Smith, and municipal governments worldwide.
Black Basta ransomware was first discovered in April 2022 and is believed to be linked to the FIN7 hacker group, also known as Carbanak. It is distributed through the Qbot malware and has a version for Linux aimed at VMware ESXi virtual machines running on Linux servers. The Black Basta operators are responsible for major attacks such as the American Dental Association, Sobeys, Knauf, and Yellow Pages Canada hacks.
ABB has declined to comment on the attack.
