International. A group of hackers is demanding a millionaire sum from the company Johnson Controls, as a condition to unlock a massive amount of its confidential data, some of which could compromise the national security of the United States.
Following the cyberattack, the company immediately took several of its systems offline. These IT outages caused disruptions at the subsidiary level, as well as disruptions to business operations.
On September 27, it transpired that the Dark Angels group would be responsible for the kidnapping of the information, whose volume is estimated at 27 terabytes. The value of the ransom? Around US $51 million, in exchange for returning the stolen data and deleting any copies of it.
Johnson Controls reacts
The company quickly launched an investigation in which several outside experts are participating. These investigations are still open and seek to determine the scope of the incident.
For example, Johnson Controls is evaluating the impact on its financials and whether it will be able to publish its results for the fourth quarter and fiscal year on time. Additionally, it is in consultation with its insurers to determine if it is appropriate to make the corresponding policies effective.
In a regulatory filing, Johnson Controls International has experienced disruptions to parts of its internal information technology infrastructure and applications as a result of a cybersecurity incident. Immediately after detecting the issue, the company launched an investigation with the help of leading outside cybersecurity experts and is also coordinating with its insurers. The company continues to assess what information was affected and is executing its protection and incident management plan, including implementing remediation measures to mitigate the impact of the incident, and will continue to take additional action as appropriate. To date, many of the company's applications have largely been unaffected and remain operational. To the extent possible, and in accordance with its business continuity plans, the company implemented alternative solutions for certain operations to mitigate disruptions and continue to provide services to its customers. However, the incident has caused, and is expected to continue to cause, disruptions to parts of the company's business operations."
"The company is evaluating whether the incident will affect its ability to timely publish fourth quarter and full fiscal year results, as well as the impact on its financial results."
Information from the Department of Homeland Security
Apparently, the company has access to confidential material, related to the physical security of the federal agency. According to some media, the US Department of National Security has expressed concern, warning that it could "have compromised sensitive physical security information such as DHS blueprints."
