By 
After hackers penetrated its internal network and encrypted the company’s files, helicopter maker Kopter became the victim of a ransomware attack.
The ransomware gang published some of the company’s files on the internet on Friday after Kopter declined to engage with the hackers.
As part of their tactics, many ransomware groups upload and share victim data on special “leak sites” to bring pressure on the compromised businesses to either make them come to the negotiating table or compel them to pay massive ransom demands.
On a blog hosted on the dark web and run by the LockBit ransomware gang, the Kopter data has been published. Business documents, internal projects, and different standards of the aerospace and defense industry are shared files on this site.
The LockBit ransomware operators told in an email that last week they breached Kopter’s network by exploiting a VPN system that used a weak password and did not have 2-factor authentication (2FA) activated.
The LockBit gang also said they run a dark web portal where they show hacked companies details about the attack, including a ransom demand, to the hacked companies. LockBit operators said that the ransom page was accessed by someone from Kopter, but the company did not engage with them in a chat window provided to hacked companies.
Kopter has not publicly disclosed a security breach on its website or via business wires.
“In an email, the operators of the LockBit ransomware told ZDNet that they breached Kopter’s network last week by exploiting a VPN appliance that used a weak password and did not have two-factor authentication (2FA) enabled.” reported ZDNet.
Founded in 2007, the Swiss-based company is known for its line of small and medium-sized civilian helicopters.
The Italian aerospace and defense company Leonardo acquired Kopter for an undisclosed sum in January 2020.
