[Mise à jour le 31 mai 2022 @17h05] According to concordant sources, the Alphv/BlackCat ransomware (also called Noberus) was used in the cyberattack carried out against Akka Technologies and launched last week. The reconstructed modus operandi has already been observed in other of his victims. Reached by phone, Stéphanie Bia, director of communication for the engineering group, confirmed the name of the ransomware involved and indicated that the initial intrusion dates back to ” earlier in May »without providing further details.
Discovered at the beginning of December 2021, Alphv/BlackCat is distinguished by the programming language used for its development, Rust. It is highly customizable and can touch Windows, Linux systems, as well as VMware ESXi virtualized environments. This ransomware was notably used in France against Inetum.
[Article original] All the way to battle, this Tuesday, May 24 in the morning, at several Akka Technologies customers: the digital services company (ESN) would have been hit by ransomware. The first informed customers quickly severed their ties with the ESN and blocked the accounts used by its employees in their information systems.
Reached by telephone in the afternoon, the communication department of Akka Technologies confirms the situation, while indicating that they are not yet able to specify the extent of the damage, nor the ransomware family involved in the attack. .
Akka Technologies has recently been acquired by the Adecco group, via its subsidiary Modis. The two entities must also be merged to become Akkodis.
The engineering and technology consulting group is notably present in France and Germany (with MBtech, former captive ESN of Daimler-Benz), and active in the automotive, aeronautics, rail, energy, health, telecommunications, or aerospace. Its customers include Airbus.
Akka Technologies announced, on February 3, its participation in the European PRECINT project “which brings together an international consortium of 40 partners, with the common goal of providing a framework and a methodology” to ensure the security and resilience of the Union’s critical infrastructures. – both from a physical and cyber point of view.
Akka Technologies is not the first French ESN hit by ransomware. Recently, Inetum fell victim to BlackCat. Accenture has also been confronted with this threat, as have Altran, Econocom, Sopra Steria, Umanis, or even Xefi, at least according to one of its clients and Everest’s allegations. Across the Atlantic, Cognizant has also been affected in the past.
The risk of a rebound attack via ESNs is well identified. The National Information Systems Security Agency (Anssi) already mentioned it in its 2018 activity report. It returned to the subject at the very beginning of the year, on the occasion of the publication of its panorama cyber threat for 2021.