{"id":9030,"date":"2023-05-23T10:47:30","date_gmt":"2023-05-23T05:17:30","guid":{"rendered":"https:\/\/threatcop.com\/blog\/?p=9030"},"modified":"2026-05-25T15:56:52","modified_gmt":"2026-05-25T10:26:52","slug":"ransomware-attack-by-black-basta-on-abb","status":"publish","type":"post","link":"https:\/\/threatcop.com\/blog\/ransomware-attack-by-black-basta-on-abb\/","title":{"rendered":"Swiss Tech Giant, ABB Hit by a Ransomware Attack"},"content":{"rendered":"<p style=\"text-align: justify;\"><span style=\"font-weight: 400; color: #000000;\">A ransomware attack disrupted business activities at Swiss-Robotic and automation major, ABB Ltd. The industrial tech behemoth confirmed on May 12, 2023, that they have suffered from an <strong>\u201cIT security incident\u201d <\/strong>that has obstructed some of its operations and systems worldwide. However, ABB claimed that most of its \u201csystems and factories are now up and running, and ABB continues to serve its customers securely.\u201d<\/span><\/p><div id=\"ez-toc-container\" class=\"ez-toc-v2_0_84 ez-toc-wrap-center counter-hierarchy ez-toc-counter ez-toc-light-blue ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #414141;color:#414141\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #414141;color:#414141\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/threatcop.com\/blog\/ransomware-attack-by-black-basta-on-abb\/#How_ABB_Became_a_Victim_of_Ransomware_Attack\" >How ABB Became a Victim of Ransomware Attack?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/threatcop.com\/blog\/ransomware-attack-by-black-basta-on-abb\/#Is_Black_Basta_Behind_the_Attack\" >Is Black Basta Behind the Attack?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/threatcop.com\/blog\/ransomware-attack-by-black-basta-on-abb\/#ABBs_Take_on_the_Attack\" >ABB\u2019s Take on the Attack<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/threatcop.com\/blog\/ransomware-attack-by-black-basta-on-abb\/#Who_is_Black_Basta_Ransomware_Group\" >Who is Black Basta Ransomware Group?<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/threatcop.com\/blog\/ransomware-attack-by-black-basta-on-abb\/#Book_a_Free_Demo_Call_with_Our_People_Security_Expert\" >Book a Free Demo Call with Our People Security Expert<\/a><ul class='ez-toc-list-level-4' ><li class='ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/threatcop.com\/blog\/ransomware-attack-by-black-basta-on-abb\/#Enter_your_details\" >Enter your details<\/a><\/li><\/ul><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/threatcop.com\/blog\/ransomware-attack-by-black-basta-on-abb\/#FAQs_Ransomware_Attack_on_ABB\" >FAQs: Ransomware Attack on ABB<\/a><\/li><\/ul><\/nav><\/div>\n\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400; color: #000000;\">The company has a variety of customers which consists of the government, Volvo, Hitachi, DS Smith, the City of Nashville, and the City of Zaragoza. ABB\u2019s vast business empire develops SCADA systems for manufacturing and energy suppliers and industrial control systems (ICS). Being a significant part of the manufacturing system, ICS is an easy target for state-sponsored and financially motivated threat actors.\u00a0<\/span><\/p>\n\n<style type=\"text\/css\">\n      @media print, screen and (max-width: 63.99875em){\n      .tnp-submit\n      width: 48%;\n      }\n      .wp-block-tnp-minimal{\n      padding: 20px;\n      }\n      .blog_para\n      margin-top: 4px !important;\n      line-height: 25px !important;\n      font-size: 15px !important;\n      }\n\n      }\n      .blog_para{\n      font-family: jost,sans-serif;\n      margin-top: 14px;\n      margin-bottom: 30px;\n      color: #fff;\n      font-size: 15px !important;\n      color: black !important;\n\n      }\n\n      .wp-block-tnp-minimal{\n      padding:20px;\n      border: 1px solid grey;\n      }\n\n      .tnp-submit a{\n        background: #1d58c7!important;\n    border-radius: 5px!important;\n    text-transform: inherit!important;\n    padding: 8px 25px!important;\n    font-weight: 600!important;\n    color: #fff!important;\n    width: 30%!important;\n    border: none;\n      }\n\n      .blog_get{\n      font-size: 24px !important;\n      font-weight: 700;\n      padding-bottom: 0px;\n    font-family: 'Poppins' !important;\n      margin-bottom: 0px;\n      margin-top: 0px;\n      margin-bottom: 0px !important;\n      color: white;\n          line-height: 30px;\n          color: white;\n      }\n      .row{\n             display: flex;\n    flex-wrap: wrap;\n    flex-direction: row;\n    padding: 25px 0px 25px 36px;\n    align-items: center;\n\n      }\n\n.colLeft{\n         flex-basis:50%;\n    -webkit-box-flex: 0;\n    flex-grow: 0;\n    max-width: 50%;\n    color: white;\n}\n    \n .colRight{\n       flex-basis: 45%;\n    -webkit-box-flex: 0;\n    flex-grow: 0;\n    max-width: 50%;\n }\n\n.tnp-subscription-minimal{\n    float: right;\n}\n<\/style>\n<div style=\"max-width: 741px; margin: 0 auto; background-image: url('https:\/\/awareness.threatcop.ai\/marketing\/linkedinlowerbanner.webp'); background-repeat: no-repeat; background-size: cover; background-position: center; \">\n<div class=\"row\">\n<div class=\"colLeft\">\n<p class=\"blog_get\" style=\"font-family: 'Poppins' !important; color: white !important\">Subscribe to Our Newsletter On Linkedin<\/p>\n<p class=\"blog_para\" style=\"font-size: 16px;font-family: 'Poppins' !important; color: white !important; margin-top: 10px; margin-bottom: 28px;line-height: 25px;\">Sign up to Stay Tuned with the Latest Cyber Security News and Updates<\/p>\n\n<div>\n<div class=\"tnp\" style=\"margin-bottom: 10px;\">\n            <form action=\"https:\/\/threatcop.com\/newsletter-thank-you\" method=\"get\" target=\"_blank\">\n<div class=\"tnp-submit\">\n                  <a class=\"libutton\" href=\"https:\/\/www.linkedin.com\/build-relation\/newsletter-follow?entityUrn=7062043746430783488\" target=\"_blank\" rel=\"noopener\">Subscribe<\/a><\/div>\n<\/form><\/div>\n<\/div>\n<\/div>\n<div class=\"colRight\">\n<div>\n<div class=\"tnp tnp-subscription-minimal \">\n            <img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/marketing\/newsletter-icon.webp\" class=\"img-fluid\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"How_ABB_Became_a_Victim_of_Ransomware_Attack\"><\/span><strong>How ABB Became a Victim of Ransomware Attack?<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-cee37458fdbb707e7cde7e7f414ca570 wp-block-paragraph\"><span style=\"color: #000000;\">On May 7, 2021, the alleged Black Basta <strong><span style=\"color: #183994;\"><a style=\"color: #183994;\" href=\"https:\/\/threatcop.com\/blog\/ransomware-groups\/\">ransomware group<\/a><\/span><\/strong> conducted a series of phishing campaigns to deceive employees into downloading malware files. Unfortunately, one of the company&#8217;s employees fell victim and downloaded the malware file. <strong>Once downloaded, the malware executed an XLS file containing VBS macros. These macros established unauthorized access to Cobalt Strike, a <span style=\"color: #183994;\">remote tool<\/span> used to execute commands.<\/strong><\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\">Subsequently, the <strong>hackers gained access to the system&#8217;s database<\/strong>. According to standard reports, this malware attack impacted ABB&#8217;s Windows Active Directory, exposing numerous systems across different locations. As a result of this breach, several projects and business operations experienced disruption and delays.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><strong>Check out another article on <span style=\"color: #183994;\"><a style=\"color: #183994;\" href=\"https:\/\/threatcop.com\/blog\/ransomware-as-a-service\/\">Ransomware as a Service (RaaS) attack<\/a><\/span><\/strong><\/span><\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Is_Black_Basta_Behind_the_Attack\"><\/span><strong>Is Black Basta Behind the Attack?<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400;\"><span style=\"color: #000000;\">Bleeping<\/span> <span style=\"color: #000000;\">Computers reported that the tech giant has fallen victim to a<strong><span style=\"color: #183994;\"><a style=\"color: #183994;\" href=\"https:\/\/threatcop.com\/blog\/ransomware-attacks\/\"> ransomware attack<\/a><\/span><\/strong> led by the Russia-linked cybercriminal group Black Basta. Anonymous sources confirmed that the Black Basta ransomware group targeted ABB on May 7, as reported by the news outlet.<\/span><\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\">The <strong>attack impacted multiple devices and Windows Active Directory<\/strong>, but ABB assured that it has terminated VPN connections with its customers to prevent further attacks on other networks. No reports have indicated that Black Basta has demanded a ransom or that any data from ABB has been observed on the dark web.<\/span><\/p>\n\n\n<div class=\"wp-block-image wp-image-9033\">\n<figure class=\"aligncenter\"><img loading=\"lazy\" decoding=\"async\" width=\"1600\" height=\"446\" src=\"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/05\/blackbasta-attack-cycle-by-Bleeping-Computers.jpg\" alt=\"Black basta attack lifecycle\" class=\"wp-image-9033\"\/><figcaption class=\"wp-element-caption\">(Source: Bleeping Computer)<\/figcaption><\/figure>\n<\/div>\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"ABBs_Take_on_the_Attack\"><\/span>ABB\u2019s Take on the Attack<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\">According to ET CISO, ABB&#8217;s Group Spokesperson, Eike Christian Meuter, acknowledged that the company has implemented and is actively implementing actions to control the incident. These measures have caused some disruption to their operations, but ABB is actively addressing the issue. They are working closely with customers and partners to resolve the situation and minimize the impact of the attack.<\/span><\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Who_is_Black_Basta_Ransomware_Group\"><\/span>Who is Black Basta Ransomware Group?<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\">Alleged to be a <span style=\"color: #183994;\"><a style=\"color: #183994;\" href=\"https:\/\/cybernews.com\/news\/black-basta-linked-to-fin7\/\" target=\"_blank\" rel=\"noopener\"><strong>Russian-linked<\/strong><\/a><\/span> cybercriminal group, Black Basta first appeared in 2022. The group has already targeted more than 90 high-profile organizations like Deutsche Windtechnik, American Dental Association, Deutsche Windtechnik, and Capita. The hacker group coerces victims into paying a ransom by using the <span style=\"color: #183994;\"><strong><a style=\"color: #183994;\" href=\"https:\/\/threatcop.com\/blog\/hive-ransomware\/#:~:text=The%20affiliates%20employ,opportunity%20for%20extortion.\">double extortion method<\/a><\/strong><\/span>. Employing this technique, cybercriminals frequently expose compromised data in pieces, enticing the victims to buckle under pressure from both internal and external sources.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\">Ransomware attacks are among the costliest cyber attacks, as the statistics suggest that the <span style=\"color: #183994;\"><strong><a style=\"color: #183994;\" href=\"https:\/\/threatcop.com\/blog\/ransomware-cost\/\">cost of a ransomware attack<\/a><\/strong><\/span> is expected to grow exponentially to 231 Billion dollars by 2031. Organizations need robust cybersecurity measures at the moment. They must protect their systems and networks from potential malware and cyber threats.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\">Organizations must incorporate sophisticated <strong><span style=\"color: #183994;\"><a style=\"color: #183994;\" href=\"https:\/\/threatcop.com\/ransomware-awareness-and-simulation\">ransomware simulation and awareness solutions<\/a><\/span><\/strong> to train their employees to prevent such attacks. Effective awareness training can transform your employees into the strongest defense in the organization, as it empowers them to recognize and resist phishing emails that attempt to lure them into downloading malware files.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\">This July, we&#8217;re in the midst of Ransomware Awareness Month, an international campaign that highlights the dangers of ransomware and educates individuals and organizations on how to defend themselves. The timing of your interest in Black Basta coincides perfectly with this important initiative.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\">Organizations can significantly improve their security posture by implementing sophisticated ransomware simulations and awareness training for employees. Effective training empowers employees to recognize and resist phishing emails that attempt to lure them into downloading malware, making them the strongest defense against these attacks. Threatcop offers a <span style=\"color: #183994;\"><strong><a style=\"color: #183994;\" href=\"https:\/\/threatcop.com\/threatcop-security-awareness-training\">TSAT<\/a><\/strong><\/span> solution that provides ransomware simulation to make your employee as first defense.&nbsp;<\/span><\/p>\n\n\n\n<!DOCTYPE html>\n<html lang=\"en\">\n\n<head>\n    <meta charset=\"UTF-8\">\n    <meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\n    <meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\">\n    <title>Document<\/title>\n<\/head>\n\n<style>\n    .interestedBtn {\n        width: 80% !important;\n        box-sizing: border-box !important;\n        display: inline-block !important;\n        padding: 11px !important;\n        border: 1px !important;\n        border-color: #ddd !important;\n        margin-top: 10px !important;\n        background-color: #183e8b !important;\n        background-image: none !important;\n        text-shadow: none !important;\n        color: #fff !important;\n        font-size: 14px !important;\n        line-height: 20px !important;\n        border-radius: 5px !important;\n        margin: 0 !important;\n        cursor: pointer !important;\n        box-shadow: 0px 4.66px 22.99px 0px rgba(0, 0, 0, 0.10);;\n    }\n\n\n        .formSec .formSecTwo{\n            padding-top: 15px !important;\n            margin-bottom: 30px !important;\n        }\n\n\n    .tnp-email {\n        width: 80% !important;\n        box-sizing: border-box;\n        padding: 8px 10px;\n        display: inline-block;\n        border: 1px solid #ced4da;\n        background: #fff;\n        color: #000 !important;\n        font-size: 13px;\n        line-height: 20px;\n        border-radius: 2px;\n        padding-right: 30px;\n        margin-bottom: 0px;\n    }\n\n    .formSec {\n        border: 1px solid #ced4da;\n        float: left !important;\n        width: 55% !important;\n    }\n\n    .mainBox {\n       \/* border: 1px solid #183e8b;*\/\n         background: white;\n        max-width: 600px !important;\n        margin: 0 auto !important;\n        padding: 20px !important;\n        font-family: Arial, Helvetica, sans-serif !important;\n    }\n\n    .boxDiv {\n        display: flex !important;\n    }\n\n    .boxConsult {\n        float: left !important;\n        width: 45% !important;\n        padding: 10px !important;\n    }\n\n    .formSecTwo {\n        text-align:center !important;\n        width: 100% !important;\n    }\n\n    .formHeading {\n        font-family: Arial, Helvetica, sans-serif;\n        margin-top: 0px;\n        font-weight: 700;\n        line-height: 25px;\n        font-size: 18px !important;\n        \n       margin-bottom: 60px !important;\n       color: #000!important;\n          margin-top: 5px !important;\n    }\n\n    .fieldHeading {\n        margin: 0 !important;\n        font-size: 13px !important;\n        text-align: left !important;\n        margin: 0px 39px 2px 93px !important;\n        font-weight: 500 !important;\n    }\n\n    .image {\n        max-width:90% !important;\n        height: auto !important;\n    }\n\n     .email-icon {\n            position: absolute;\n            right: 50px;\n             top: 20px;\n            transform: translateY(-50%);\n            pointer-events: none; \n        }\n\n          .email-container{\n             position: relative;\n         \n        }\n       \n\n        .email-icon img{\n                 width: 15px;\n        }\n\n\n         input::placeholder {\n            color:#495057;\n        }\n\n\n     ::placeholder {\n        color: #495057;\n    }\n\n        ::-ms-input-placeholder { \n          color:#495057;\n        }\n\n\n        input:-webkit-autofill {\n            background-color: transparent !important;\n            -webkit-box-shadow: 0 0 0px 1000px white inset !important; \n            box-shadow: 0 0 0px 1000px white inset !important;\n            color: #495057 !important; \n        }\n\n        \n        input {\n            color:#495057 !important;\n        }\n\n\n    @media screen and (max-width: 480px) {\n        .boxDiv {\n            display: block !important;\n            padding: 15px !important;\n         \n        }\n\n        .image{\n        width: 80% !important;\n         margin-bottom: 14px;\n        }\n        .fieldHeading {\n            text-align: left !important;\n            margin: unset !important;\n        }\n\n        .boxConsult {\n            width: unset !important;\n            float: none !important;\n        }\n\n        .mainBox {\n            border: unset !important;\n        }\n\n        .formSec {\n            float: unset !important;\n            width: 100% !important;\n        }\n\n        .formSecTwo {\n            text-align: center !important;\n        }\n\n        .tnp-email {\n            width: 90% !important;\n        }\n\n        .formHeading {\n            margin-bottom: unset !important;\n        }\n\n         .email-icon {\n            position: absolute;\n            right: 25px;\n            top: 58%;\n            transform: translateY(-50%);\n            pointer-events: none; \/* Make sure the icon doesn't block clicking on the input *\/\n        }\n       \n        .email-container{\n             position: relative;\n        }\n\n    }\n<\/style>\n\n<body>\n\n    <div class=\"mainBox\" box-sizing:=\"\" border-box;=\"\">\n\n        <div class=\"boxDiv\">\n\n            <div class=\"boxConsult\">\n                <div>\n                    <h3 class=\"formHeading\" style=\" font-size: 16px !important;\"><span class=\"ez-toc-section\" id=\"Book_a_Free_Demo_Call_with_Our_People_Security_Expert\"><\/span>\n                        Book a Free Demo Call with Our People Security Expert<span class=\"ez-toc-section-end\"><\/span><\/h3>\n                <\/div>\n                <img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/threatcop_blog\/form.svg\" class=\"image\">\n            <\/div>\n\n            <div class=\"formSec\">\n                <div class=\" formSecTwo\">\n                    <h4 style=\"margin-top: 0; font-size: 16px !important;\"><span class=\"ez-toc-section\" id=\"Enter_your_details\"><\/span>Enter your details<span class=\"ez-toc-section-end\"><\/span><\/h4>\n                    <div class=\"tnp tnp-subscription-minimal\">\n                        <form action=\"https:\/\/threatcop.com\/thankyou-blog\" method=\"get\" target=\"_blank\">\n                            <div class=\"email-container\" style=\"margin-bottom:20px;\">\n\n                                <input class=\"tnp-email\" type=\"text\" required=\"\" name=\"FullName\" value=\"\"\n                                    placeholder=\"Full Name\">\n                                    <span class=\"email-icon\"><img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/threatcop_blog\/icon01.svg\" class=\"img-fluid\" \/><\/span>\n                            <\/div>\n\n                            <div class=\"email-container\" style=\"margin-bottom:20px;\">\n                               \n                                <input class=\"tnp-email\" type=\"email\" required=\"\" name=\"email\" value=\"\"\n                                    placeholder=\"Corporate Email Id\">\n                                     <span class=\"email-icon\"><img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/threatcop_blog\/icon02.svg\" class=\"img-fluid\" \/><\/span>\n                            <\/div>\n\n                            <div class=\"email-container\" style=\"margin-bottom:20px;\">\n                               \n                                <input class=\"tnp-email\" type=\"text\" required=\"\" name=\"CompanyName\" value=\"\"\n                                    placeholder=\"Company Name\">\n                                    <span class=\"email-icon\"><img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/threatcop_blog\/icon03.svg\" class=\"img-fluid\" \/><\/span>\n\n                            <\/div>\n\n                            <div class=\"email-container\">\n                               \n                                <input class=\"tnp-email\" type=\"number\" required=\"\" name=\"Phone\" value=\"\"\n                                    placeholder=\"Phone No.\"><br>\n                                    <span class=\"email-icon\"><img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/threatcop_blog\/icon04.svg\" class=\"img-fluid\" \/><\/span>\n                            <\/div>\n                            <input type=\"hidden\" name=\"BlogForm\" value=\"BlogForm\"><br>\n                            <input class=\"tnp-submit interestedBtn\" name=\"submit\" type=\"submit\"\n                                value=\"SUBMIT\">\n\n                        <\/form>\n                    <\/div>\n                <\/div>\n            <\/div>\n\n        <\/div>\n    <\/div>\n\n<\/body>\n\n<\/html>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"> <strong>Threatcop&#8217;s Threat Simulation and Assessment Tool (TSAT)<\/strong> goes beyond traditional training methods. TSAT simulates real-world ransomware attacks, placing your employees in scenarios they might encounter. This hands-on experience allows them to practice identifying suspicious emails, attachments, and websites. &nbsp;<\/span><\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"FAQs_Ransomware_Attack_on_ABB\"><\/span><strong>FAQs: Ransomware Attack on ABB<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<div class=\"schema-faq wp-block-yoast-faq-block\"><div class=\"schema-faq-section\" id=\"faq-question-1684752993850\"><strong class=\"schema-faq-question\">What is RaaS?<\/strong> <p class=\"schema-faq-answer\">Ransomware as a Service <strong>(<a href=\"https:\/\/threatcop.com\/blog\/ransomware-as-a-service\/#:~:text=Ransomware%20as%20a%20Service%20(RaaS)%20kits,not%20every%20assault%20will%20be%20successful.\">RaaS<\/a>)<\/strong> is a collaborative business model that involves a partnership between ransomware operators and affiliates. In this model, affiliates pay to utilize ransomware attacks developed by operators. Ransomware as a Service can be considered a derivative of the software as a service <strong>(SaaS)<\/strong> business model. The most common attack that takes place through this is Phishing emails.<br\/><\/p> <\/div> <div class=\"schema-faq-section\" id=\"faq-question-1684753059501\"><strong class=\"schema-faq-question\">What is the Double-extortion tactic?<\/strong> <p class=\"schema-faq-answer\">Pay-now-or-get-breached or <a href=\"https:\/\/threatcop.com\/blog\/hive-ransomware\/#:~:text=Source%3A%20Bleeping%20Computer)-,How%20Does%20Hive%20Ransomware%20Group%20Work%3F,-The%20Hive%20ransomware\"><strong>Double-extortion<\/strong><\/a> is a method used by hackers to take ransom from the victims in bits. The threat actor first encrypts the stolen private data and then threatens to publish the information if said amount is not paid to him by the victim. They threaten victims to publish their data in the public domain or sell it to other companies at higher prices if the victim fails to pay the requested ransom.<br\/><\/p> <\/div> <div class=\"schema-faq-section\" id=\"faq-question-1684753076539\"><strong class=\"schema-faq-question\">How can Organizations Prevent Ransomware Attacks?<\/strong> <p class=\"schema-faq-answer\">To prevent ransomware attacks, an organization should focus on strengthening the cyber security level of the systems and train its employees against cyber attacks. Providing regular <a href=\"https:\/\/threatcop.com\/ransomware-awareness-and-simulation\"><strong>Ransomware Awareness and Simulation<\/strong><\/a> training can turn your employees into cyber attack defenders and create a cyber-secure environment. This helps in equipping them with the knowledge and skills with a real-time ransomware simulation campaign. Humans can be the weakest link in an organization therefore training them regularly to have the skill set to acknowledge any cyber attack can be the best prevention from the <strong><a href=\"https:\/\/threatcop.com\/blog\/types-of-social-engineering-attacks\/\">social engineering attacks<\/a>.<\/strong><br\/><\/p> <\/div> <\/div>\n","protected":false},"excerpt":{"rendered":"<p>A ransomware attack disrupted business activities at Swiss-Robotic and automation major, ABB Ltd. The industrial tech behemoth confirmed on May 12, 2023, that they have suffered from an \u201cIT security incident\u201d that has obstructed some of its operations and systems worldwide. However, ABB claimed that most of its \u201csystems and factories are now up and [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":9032,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[284],"tags":[],"class_list":["post-9030","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-digest"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Swiss Tech Giant, ABB Hit by a Ransomware Attack| Threatcop<\/title>\n<meta name=\"description\" content=\"A ransomware attack by Black Basta disrupted business activity at Swiss Tech Giant ABB. Learn how to prevent them in this blog.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/threatcop.com\/blog\/ransomware-attack-by-black-basta-on-abb\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Swiss Tech Giant, ABB Hit by a Ransomware Attack| Threatcop\" \/>\n<meta property=\"og:description\" content=\"A ransomware attack by Black Basta disrupted business activity at Swiss Tech Giant ABB. Learn how to prevent them in this blog.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/threatcop.com\/blog\/ransomware-attack-by-black-basta-on-abb\/\" \/>\n<meta property=\"og:site_name\" content=\"Threatcop\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/people\/Threatcop\/100083109892339\/\" \/>\n<meta property=\"article:published_time\" content=\"2023-05-23T05:17:30+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-05-25T10:26:52+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/05\/ABB.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"600\" \/>\n\t<meta property=\"og:image:height\" content=\"576\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Threatcop\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatcop\" \/>\n<meta name=\"twitter:site\" content=\"@threatcop\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Threatcop\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/ransomware-attack-by-black-basta-on-abb\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/ransomware-attack-by-black-basta-on-abb\\\/\"},\"author\":{\"name\":\"Threatcop\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#\\\/schema\\\/person\\\/e4db27ffd37219d73fc6b40cc9d45cfa\"},\"headline\":\"Swiss Tech Giant, ABB Hit by a Ransomware Attack\",\"datePublished\":\"2023-05-23T05:17:30+00:00\",\"dateModified\":\"2026-05-25T10:26:52+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/ransomware-attack-by-black-basta-on-abb\\\/\"},\"wordCount\":985,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/ransomware-attack-by-black-basta-on-abb\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/05\\\/ABB.jpg\",\"articleSection\":[\"News and Digest\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/threatcop.com\\\/blog\\\/ransomware-attack-by-black-basta-on-abb\\\/#respond\"]}]},{\"@type\":[\"WebPage\",\"FAQPage\"],\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/ransomware-attack-by-black-basta-on-abb\\\/\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/ransomware-attack-by-black-basta-on-abb\\\/\",\"name\":\"Swiss Tech Giant, ABB Hit by a Ransomware Attack| Threatcop\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/ransomware-attack-by-black-basta-on-abb\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/ransomware-attack-by-black-basta-on-abb\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/05\\\/ABB.jpg\",\"datePublished\":\"2023-05-23T05:17:30+00:00\",\"dateModified\":\"2026-05-25T10:26:52+00:00\",\"description\":\"A ransomware attack by Black Basta disrupted business activity at Swiss Tech Giant ABB. Learn how to prevent them in this blog.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/ransomware-attack-by-black-basta-on-abb\\\/#breadcrumb\"},\"mainEntity\":[{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/ransomware-attack-by-black-basta-on-abb\\\/#faq-question-1684752993850\"},{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/ransomware-attack-by-black-basta-on-abb\\\/#faq-question-1684753059501\"},{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/ransomware-attack-by-black-basta-on-abb\\\/#faq-question-1684753076539\"}],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/threatcop.com\\\/blog\\\/ransomware-attack-by-black-basta-on-abb\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/ransomware-attack-by-black-basta-on-abb\\\/#primaryimage\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/05\\\/ABB.jpg\",\"contentUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/05\\\/ABB.jpg\",\"width\":600,\"height\":576,\"caption\":\"(Source: Bleeping Computers)\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/ransomware-attack-by-black-basta-on-abb\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Swiss Tech Giant, ABB Hit by a Ransomware Attack\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/\",\"name\":\"Threatcop\",\"description\":\"Cybersecurity Blogs, News, Updates, and Articles\",\"publisher\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#organization\",\"name\":\"Threatcop\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/03\\\/cropped-original-logo-TC.png\",\"contentUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/03\\\/cropped-original-logo-TC.png\",\"width\":951,\"height\":228,\"caption\":\"Threatcop\"},\"image\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/people\\\/Threatcop\\\/100083109892339\\\/\",\"https:\\\/\\\/x.com\\\/threatcop\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/threatcop\\\/\",\"https:\\\/\\\/www.instagram.com\\\/threatcop_official\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#\\\/schema\\\/person\\\/e4db27ffd37219d73fc6b40cc9d45cfa\",\"name\":\"Threatcop\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/10\\\/avatar_user_1_1696398433.jpeg\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/10\\\/avatar_user_1_1696398433.jpeg\",\"contentUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/10\\\/avatar_user_1_1696398433.jpeg\",\"caption\":\"Threatcop\"},\"sameAs\":[\"https:\\\/\\\/threatcop.com\"]},{\"@type\":\"Question\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/ransomware-attack-by-black-basta-on-abb\\\/#faq-question-1684752993850\",\"position\":1,\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/ransomware-attack-by-black-basta-on-abb\\\/#faq-question-1684752993850\",\"name\":\"What is RaaS?\",\"answerCount\":1,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"Ransomware as a Service <strong>(<a href=\\\"https:\\\/\\\/threatcop.com\\\/blog\\\/ransomware-as-a-service\\\/#:~:text=Ransomware%20as%20a%20Service%20(RaaS)%20kits,not%20every%20assault%20will%20be%20successful.\\\">RaaS<\\\/a>)<\\\/strong> is a collaborative business model that involves a partnership between ransomware operators and affiliates. In this model, affiliates pay to utilize ransomware attacks developed by operators. Ransomware as a Service can be considered a derivative of the software as a service <strong>(SaaS)<\\\/strong> business model. The most common attack that takes place through this is Phishing emails.<br\\\/>\",\"inLanguage\":\"en-US\"},\"inLanguage\":\"en-US\"},{\"@type\":\"Question\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/ransomware-attack-by-black-basta-on-abb\\\/#faq-question-1684753059501\",\"position\":2,\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/ransomware-attack-by-black-basta-on-abb\\\/#faq-question-1684753059501\",\"name\":\"What is the Double-extortion tactic?\",\"answerCount\":1,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"Pay-now-or-get-breached or <a href=\\\"https:\\\/\\\/threatcop.com\\\/blog\\\/hive-ransomware\\\/#:~:text=Source%3A%20Bleeping%20Computer)-,How%20Does%20Hive%20Ransomware%20Group%20Work%3F,-The%20Hive%20ransomware\\\"><strong>Double-extortion<\\\/strong><\\\/a> is a method used by hackers to take ransom from the victims in bits. The threat actor first encrypts the stolen private data and then threatens to publish the information if said amount is not paid to him by the victim. They threaten victims to publish their data in the public domain or sell it to other companies at higher prices if the victim fails to pay the requested ransom.<br\\\/>\",\"inLanguage\":\"en-US\"},\"inLanguage\":\"en-US\"},{\"@type\":\"Question\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/ransomware-attack-by-black-basta-on-abb\\\/#faq-question-1684753076539\",\"position\":3,\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/ransomware-attack-by-black-basta-on-abb\\\/#faq-question-1684753076539\",\"name\":\"How can Organizations Prevent Ransomware Attacks?\",\"answerCount\":1,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"To prevent ransomware attacks, an organization should focus on strengthening the cyber security level of the systems and train its employees against cyber attacks. Providing regular <a href=\\\"https:\\\/\\\/threatcop.com\\\/ransomware-awareness-and-simulation\\\"><strong>Ransomware Awareness and Simulation<\\\/strong><\\\/a> training can turn your employees into cyber attack defenders and create a cyber-secure environment. This helps in equipping them with the knowledge and skills with a real-time ransomware simulation campaign. Humans can be the weakest link in an organization therefore training them regularly to have the skill set to acknowledge any cyber attack can be the best prevention from the <strong><a href=\\\"https:\\\/\\\/threatcop.com\\\/blog\\\/types-of-social-engineering-attacks\\\/\\\">social engineering attacks<\\\/a>.<\\\/strong><br\\\/>\",\"inLanguage\":\"en-US\"},\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Swiss Tech Giant, ABB Hit by a Ransomware Attack| Threatcop","description":"A ransomware attack by Black Basta disrupted business activity at Swiss Tech Giant ABB. Learn how to prevent them in this blog.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/threatcop.com\/blog\/ransomware-attack-by-black-basta-on-abb\/","og_locale":"en_US","og_type":"article","og_title":"Swiss Tech Giant, ABB Hit by a Ransomware Attack| Threatcop","og_description":"A ransomware attack by Black Basta disrupted business activity at Swiss Tech Giant ABB. Learn how to prevent them in this blog.","og_url":"https:\/\/threatcop.com\/blog\/ransomware-attack-by-black-basta-on-abb\/","og_site_name":"Threatcop","article_publisher":"https:\/\/www.facebook.com\/people\/Threatcop\/100083109892339\/","article_published_time":"2023-05-23T05:17:30+00:00","article_modified_time":"2026-05-25T10:26:52+00:00","og_image":[{"width":600,"height":576,"url":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/05\/ABB.jpg","type":"image\/jpeg"}],"author":"Threatcop","twitter_card":"summary_large_image","twitter_creator":"@threatcop","twitter_site":"@threatcop","twitter_misc":{"Written by":"Threatcop","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/threatcop.com\/blog\/ransomware-attack-by-black-basta-on-abb\/#article","isPartOf":{"@id":"https:\/\/threatcop.com\/blog\/ransomware-attack-by-black-basta-on-abb\/"},"author":{"name":"Threatcop","@id":"https:\/\/threatcop.com\/blog\/#\/schema\/person\/e4db27ffd37219d73fc6b40cc9d45cfa"},"headline":"Swiss Tech Giant, ABB Hit by a Ransomware Attack","datePublished":"2023-05-23T05:17:30+00:00","dateModified":"2026-05-25T10:26:52+00:00","mainEntityOfPage":{"@id":"https:\/\/threatcop.com\/blog\/ransomware-attack-by-black-basta-on-abb\/"},"wordCount":985,"commentCount":0,"publisher":{"@id":"https:\/\/threatcop.com\/blog\/#organization"},"image":{"@id":"https:\/\/threatcop.com\/blog\/ransomware-attack-by-black-basta-on-abb\/#primaryimage"},"thumbnailUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/05\/ABB.jpg","articleSection":["News and Digest"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/threatcop.com\/blog\/ransomware-attack-by-black-basta-on-abb\/#respond"]}]},{"@type":["WebPage","FAQPage"],"@id":"https:\/\/threatcop.com\/blog\/ransomware-attack-by-black-basta-on-abb\/","url":"https:\/\/threatcop.com\/blog\/ransomware-attack-by-black-basta-on-abb\/","name":"Swiss Tech Giant, ABB Hit by a Ransomware Attack| Threatcop","isPartOf":{"@id":"https:\/\/threatcop.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/threatcop.com\/blog\/ransomware-attack-by-black-basta-on-abb\/#primaryimage"},"image":{"@id":"https:\/\/threatcop.com\/blog\/ransomware-attack-by-black-basta-on-abb\/#primaryimage"},"thumbnailUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/05\/ABB.jpg","datePublished":"2023-05-23T05:17:30+00:00","dateModified":"2026-05-25T10:26:52+00:00","description":"A ransomware attack by Black Basta disrupted business activity at Swiss Tech Giant ABB. Learn how to prevent them in this blog.","breadcrumb":{"@id":"https:\/\/threatcop.com\/blog\/ransomware-attack-by-black-basta-on-abb\/#breadcrumb"},"mainEntity":[{"@id":"https:\/\/threatcop.com\/blog\/ransomware-attack-by-black-basta-on-abb\/#faq-question-1684752993850"},{"@id":"https:\/\/threatcop.com\/blog\/ransomware-attack-by-black-basta-on-abb\/#faq-question-1684753059501"},{"@id":"https:\/\/threatcop.com\/blog\/ransomware-attack-by-black-basta-on-abb\/#faq-question-1684753076539"}],"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/threatcop.com\/blog\/ransomware-attack-by-black-basta-on-abb\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/threatcop.com\/blog\/ransomware-attack-by-black-basta-on-abb\/#primaryimage","url":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/05\/ABB.jpg","contentUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/05\/ABB.jpg","width":600,"height":576,"caption":"(Source: Bleeping Computers)"},{"@type":"BreadcrumbList","@id":"https:\/\/threatcop.com\/blog\/ransomware-attack-by-black-basta-on-abb\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/threatcop.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Swiss Tech Giant, ABB Hit by a Ransomware Attack"}]},{"@type":"WebSite","@id":"https:\/\/threatcop.com\/blog\/#website","url":"https:\/\/threatcop.com\/blog\/","name":"Threatcop","description":"Cybersecurity Blogs, News, Updates, and Articles","publisher":{"@id":"https:\/\/threatcop.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/threatcop.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/threatcop.com\/blog\/#organization","name":"Threatcop","url":"https:\/\/threatcop.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/threatcop.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2022\/03\/cropped-original-logo-TC.png","contentUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2022\/03\/cropped-original-logo-TC.png","width":951,"height":228,"caption":"Threatcop"},"image":{"@id":"https:\/\/threatcop.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/people\/Threatcop\/100083109892339\/","https:\/\/x.com\/threatcop","https:\/\/www.linkedin.com\/company\/threatcop\/","https:\/\/www.instagram.com\/threatcop_official\/"]},{"@type":"Person","@id":"https:\/\/threatcop.com\/blog\/#\/schema\/person\/e4db27ffd37219d73fc6b40cc9d45cfa","name":"Threatcop","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/10\/avatar_user_1_1696398433.jpeg","url":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/10\/avatar_user_1_1696398433.jpeg","contentUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/10\/avatar_user_1_1696398433.jpeg","caption":"Threatcop"},"sameAs":["https:\/\/threatcop.com"]},{"@type":"Question","@id":"https:\/\/threatcop.com\/blog\/ransomware-attack-by-black-basta-on-abb\/#faq-question-1684752993850","position":1,"url":"https:\/\/threatcop.com\/blog\/ransomware-attack-by-black-basta-on-abb\/#faq-question-1684752993850","name":"What is RaaS?","answerCount":1,"acceptedAnswer":{"@type":"Answer","text":"Ransomware as a Service <strong>(<a href=\"https:\/\/threatcop.com\/blog\/ransomware-as-a-service\/#:~:text=Ransomware%20as%20a%20Service%20(RaaS)%20kits,not%20every%20assault%20will%20be%20successful.\">RaaS<\/a>)<\/strong> is a collaborative business model that involves a partnership between ransomware operators and affiliates. In this model, affiliates pay to utilize ransomware attacks developed by operators. Ransomware as a Service can be considered a derivative of the software as a service <strong>(SaaS)<\/strong> business model. The most common attack that takes place through this is Phishing emails.<br\/>","inLanguage":"en-US"},"inLanguage":"en-US"},{"@type":"Question","@id":"https:\/\/threatcop.com\/blog\/ransomware-attack-by-black-basta-on-abb\/#faq-question-1684753059501","position":2,"url":"https:\/\/threatcop.com\/blog\/ransomware-attack-by-black-basta-on-abb\/#faq-question-1684753059501","name":"What is the Double-extortion tactic?","answerCount":1,"acceptedAnswer":{"@type":"Answer","text":"Pay-now-or-get-breached or <a href=\"https:\/\/threatcop.com\/blog\/hive-ransomware\/#:~:text=Source%3A%20Bleeping%20Computer)-,How%20Does%20Hive%20Ransomware%20Group%20Work%3F,-The%20Hive%20ransomware\"><strong>Double-extortion<\/strong><\/a> is a method used by hackers to take ransom from the victims in bits. The threat actor first encrypts the stolen private data and then threatens to publish the information if said amount is not paid to him by the victim. They threaten victims to publish their data in the public domain or sell it to other companies at higher prices if the victim fails to pay the requested ransom.<br\/>","inLanguage":"en-US"},"inLanguage":"en-US"},{"@type":"Question","@id":"https:\/\/threatcop.com\/blog\/ransomware-attack-by-black-basta-on-abb\/#faq-question-1684753076539","position":3,"url":"https:\/\/threatcop.com\/blog\/ransomware-attack-by-black-basta-on-abb\/#faq-question-1684753076539","name":"How can Organizations Prevent Ransomware Attacks?","answerCount":1,"acceptedAnswer":{"@type":"Answer","text":"To prevent ransomware attacks, an organization should focus on strengthening the cyber security level of the systems and train its employees against cyber attacks. Providing regular <a href=\"https:\/\/threatcop.com\/ransomware-awareness-and-simulation\"><strong>Ransomware Awareness and Simulation<\/strong><\/a> training can turn your employees into cyber attack defenders and create a cyber-secure environment. This helps in equipping them with the knowledge and skills with a real-time ransomware simulation campaign. Humans can be the weakest link in an organization therefore training them regularly to have the skill set to acknowledge any cyber attack can be the best prevention from the <strong><a href=\"https:\/\/threatcop.com\/blog\/types-of-social-engineering-attacks\/\">social engineering attacks<\/a>.<\/strong><br\/>","inLanguage":"en-US"},"inLanguage":"en-US"}]}},"_links":{"self":[{"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/posts\/9030","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/comments?post=9030"}],"version-history":[{"count":18,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/posts\/9030\/revisions"}],"predecessor-version":[{"id":14622,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/posts\/9030\/revisions\/14622"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/media\/9032"}],"wp:attachment":[{"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/media?parent=9030"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/categories?post=9030"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/tags?post=9030"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}