RYUK Ransomware attack on Emcor Group


EMCOR Group which is well renowned as EMCOR- a Fortune 500 company, has disclosed that it became a victim of an RYUK Ransomware attack in February this year. As per the details available to Cybersecurity Insiders, the file-encrypting malware attack took place on Feb 15th,2020 and was contained on an efficient note by the IT staff.


Details of the attack were kept as a secret from the public till Wednesday this week. This means they were revealed on an official note through the company’s website almost 3 weeks after.


As per a source from electrical and mechanical equipment suppliers, only certain systems were affected and were taken down on time to prevent any untoward further.


No data was stolen in the incident says the company. But security experts argue that those spreading Ryuk ransomware first steal a certain portion of data from the servers and then encrypt the database to sell the data; just in case the victim refuses to pay the demanded ransom. Similar to the ones seen with ransomware groups names Nemty, DopplePaymer, PwndLocker, Maze and Revil aka Sodinokibi.


Financial experts of Emcor say that the attack could impact the earnings of the company in early 2020 as it had to shut down certain operations of the company as soon as the malware spread was identified.


Note- Emcor which was listed at the 375th position in the list of 2018 Fortune 500 Companies compromised of 80 subsidiaries located in over 170 locations and having an employee strength of 33,000 people. And the company recorded a $9 billion revenue in 2019.

Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display