A Canadian manufacturer of blades, buckets and other heavy equipment that is attached to tractors and excavators has acknowledged it suffered a security breach by the Karakurt hacking gang.
However, Lyle Makus, IT manager of Edmonton-based Weldco-Beales Manufacturing, said it isn’t clear if the gang copied any data.
“We have no way to prove or deny that at this point, so we’re trying to assess that,” he said. “We don’t believe they really got any data.”
Asked to describe the incident, he said that “we had a virus and spent a day or two getting all of the data recovered, and have tidied up and got things locked things down as best we can from the virus.”
Asked if the company has heard from the hackers, Makus said, “They leave a trail on the server of files, they are wanting you to get hold of them and send them bitcoin. And they left a couple of voicemails. The voicemails, he said, told the company “to take this seriously, you know how to contact us.”
He couldn’t recall how much was demanded in cryptocurrency.
Makus doubted the company will pay a ransom. “If you pay for these kinds of things all we’re doing is encouraging them. We don’t believe they would have got much for [our] data.”
Weldco-Beales specializes in making attachments for heavy equipment in the construction, road maintenance, forestry and resource sectors. In addition to Edmonton, it has manufacturing plants in Ontario and British Columbia, and regional sales offices in the U.S..
The company was one of 11 Canadian and U.S. organizations the Karakurt gang alleges it compromised in a December 29th posting. One is Montreal’s tourism agency.
They also include a Quebec construction firm, a Quebec-based bathroom designer, a Canadian First Nation, a Western Canadian data management firm. ITWorldCanada.com is attempting to verify those claims. Alleged victims in the U.S. include a credit union, a human resources firm, an asphalt manufacturer and a digital media company.
According to Accenture, Karakurt steals data and promises to release or sell it unless paid. It claims to have hit over 40 victims across multiple industries between September and November alone.