Maze ransomware has attacked VT San Antonio Aerospace -- the latest in a growing list of high-profile cyberattacks allegedly involving the Maze hacker group and attempted digital extortion.
VT San Antonio Aerospace specializes in maintenance, modifications and composite parts fabrication for airlines and VIP clients. The company has more than 1,000 employees.
In an extended statement about the attack, Ed Onwe, VP and GM of VT San Antonio Aerospace said:
"VT San Antonio Aerospace discovered that a sophisticated group of cyber criminals, known as the Maze group, gained unauthorized access to our network and deployed a ransomware attack. At this point, our ongoing investigation indicates that the threat has been contained and we believe it to be isolated to a limited number of ST Engineering’s U.S. commercial operations. Currently, our business continues to be operational.
Upon discovering the incident, the Company took immediate action, including disconnecting certain systems from the network, retaining leading third-party forensic advisors to help investigate, and notifying appropriate law enforcement authorities.
As part of this process, we are conducting a rigorous review of the incident and our systems to ensure that the data we are entrusted with remains safe and secure. This includes deploying advanced tools to remediate the intrusion and to restore systems. We are also taking steps to further strengthen the Company’s overall cybersecurity architecture.
Trust between our Company and all of our stakeholders – including our employees, customers and business partners – is core to our culture and business values. We are committed to responding to this incident transparently and proactively, and already have begun notifying potentially affected customers. We will be working with our customers and industry peers to share insights and any lessons learned so that they can learn from our experience."
Maze Ransomware Attacks: Multiple Organizations Hit
The Maze ransomware attackers have targeted multiple ITSPs, solutions providers and municipalities in recent months. Victims include:
- May 2020: Business process outsourcing (BPO) company Conduent suffered a Maze ransomware attack.
- April 2020: Cognizant, which will suffer $50 million to $70 million in lost revenue from the attack, the IT services company estimates.
- May 2020: Dakota Carrier Network (DCN), a consortium of broadband companies & fiber optic network service provider.
- December 2019: The city of Pensacola, Florida.
How MSPs Can Mitigate Ransomware Attack Risks: To safeguard your MSP business and clientele from ransomware attacks, follow this tip sheet.