A manufacturer of transit communication systems that pivoted to build ventilators during the COVID-19 pandemic is reportedly the latest victim of the DoppelPaymer ransomware gang.
Boyce Technologies Inc., based in Long Island City, New York, was targeted by the ransomware gang, which has threatened to leak data stolen in the incident unless the company pays a ransom, according to the news site Cointelegraph.
A screenshot provided by a source to Information Security Media Group of DoppelPaymer’s blog on the darkweb showing examples of files the group claims it stole during the attack, including sales and purchase orders and assignment forms.
The cybercriminals have threatened that more information will be disclosed next week through the site if an undisclosed crypto ransom is not paid by the firm.
Boyce Technologies is well-known for its work in designing and manufacturing FDA-approved low-cost ventilators in just 30 days during the first months of the COVID-19 pandemic, amid the big demand for the machines across New York hospitals.
Prior to the attack the company was making 300 units a day with the help of the robots built by the company.
Healthcare sector under threat despite COVID-19 pandemic
Speaking with Cointelegraph, Brett Callow, threat analyst and ransomware expert at malware lab, Emsisoft, warns that such attacks on hospitals, medical testing labs, and medical device manufacturers may not only cost money, “they may cost lives as well.” He adds:
“Unfortunately, ransomware will continue to be a problem for as long as ransoms continue to be paid, and this is something organizations should keep this in mind. If they choose to pay, they’re helping to ensure that other organizations will be hit in future, and those organizations may be ones that provide critically important services.”
As of press time, Boyce Technologies has not issued an official statement addressing the ransomware attack, nor additional information on what extent the attack has impacted their operations.
Microsoft’s security team revealed more details in May about DoppelPaymer as a ransomware deployed in human-operated attacks. It uses “brute force” against a target company’s systems management server, and mainly has targeted the healthcare sector amid the COVID-19 crisis.