Darkweb Spotlight: SAC Wireless Hit by Conti Ransomware

SAC Wireless, a US-based Nokia subsidiary, has suffered a ransomware attack by the Conti ransomware gang. SAC Wireless disclosed that Conti members were able to access their network, exfiltrate data and encrypt their systems.  The attack was discovered on June 16 and the second attack occurred on Aug 13, 2021. Of the data exfiltrated SAC Wireless has determined that it was personal information from current and former employees, including any health plan beneficiaries.  A trove of employee data was taken, presumably from human resources files. Conti was able to successfully get personally identifiable information such as names, date of birth, social security numbers, governmental ID numbers, health insurance, tax return information, and more.  This attack is notable as in early August 2021 an unsatisfied affiliate leaked the Conti gang’s ransomware playbook including many details such as the IP addresses for their command and control servers.  SAC Wireless provides design, building, and upgrade services for telecom carriers, major tower owners, and original equipment manufacturers (OEMs) in the US. the company has claimed to take many steps to prevent future breaches.  Telecommunication companies have been targeted recently for data theft and ransomware. CybelAngel Asset Discovery and Monitoring is a key proactive measure to help identify vulnerable assets that are exploited in cyberattacks.