Major Japanese defense contractor breached by ALPHV


Japan Aviation Electronics (JAE), a multi-billion tech manufacturer, has confirmed that it’s been hit with a cyberattack that impacted its workflow.

JAE was listed on the dark web blog of ransomware gang ALPHV (also known as BlackCat), which it uses for showcasing its latest victims.

The attackers were scant on details about the breach and did not indicate what type of data the cybercrooks may have accessed.

Meanwhile, JAE confirmed the attack with a statement, saying that an external party had accessed some of the group’s servers without authorization. The company says that it has launched an investigation into the issue.

ALPHV JAE
JAE posted on ALPHV's dark web blog. Image by Cybernews.

The company’s global website was inaccessible at the time of publishing this article.

“We are currently investigating the status of damage and restoring operations, but some systems have been suspended, and there have been some delays in sending and receiving emails,” the statement said.

JAE noted that there’s no indication any information was leaked. However, ransomware gangs operate by stealing data and then demanding payment for not publishing it, meaning that leaks may come at a later date.

“We sincerely apologize for any inconvenience caused to our customers and other concerned parties. We will immediately inform you of any new matters to be reported as soon as we find them through further investigation,” the company said.

JAE is a publicly traded company with a yearly revenue exceeding $1.5 billion. The company employs nearly 10,000 staff and specializes in the manufacture and sale of connectors, interface solution equipment, and other tech.

Its products are used in mobile devices, automobiles, infrastructure, industrial machinery, flight control and navigation equipment, as well as space electronics.

Who is ALPHV/BlackCat ransomware?

ALPHV/BlackCat ransomware was first observed in 2021. Like many others in the criminal underworld, the group operates a ransomware-as-a-service (RaaS) business, selling malware subscriptions to criminals.

According to an analysis by Microsoft, threat actors that began deploying it were known to work with other prominent ransomware families such as Conti, LockBit, and REvil.

The FBI believes that money launderers for the ALPHV/BlackCat cartel are linked to the Darkside and Blackmatter ransomware cartels, indicating that the group has a well-established network of operatives in the RaaS business.

The gang gained international attention earlier this year after it, together with Scattered Spider hackers, attacked MGM Resorts International and Caesars Entertainment.

According to Ransomlooker, the Cybernews’ ransomware monitoring tool, ALPHV was among the most active gangs in the last 12 months, victimizing 317 organizations worldwide.


More from Cybernews:

Adapting to AI: how workers can manage disruption

Sensitive military personnel data available for just a few cents online, research finds

Sun Life third-party breach exposes 212K individuals

Meta bars political advertisers from using generative AI ads tools

WeWork files for bankruptcy with debts of $19 billion

Subscribe to our newsletter



Leave a Reply

Your email address will not be published. Required fields are markedmarked