The Switzerland-based helicopter manufacturer Kopter has reportedly suffered a ransomware infection after attackers have compromised its internal network and encrypted the company's files, ZDNet reports.
Kopter Group was founded in 2007 and was acquired by the Italian aerospace and defense company Leonardo in April 2020. Kopter is specializing in the design of small and medium-class civilian helicopters.
The culprit behind the attack is the LockBit ransomware gang, which has posted some of the stolen data on their leak site after the company has refused to pay the ransom. The leaked information includes business documents, internal projects, and various aerospace and defense industry standards.
The operators of the LockBit ransomware told ZDNet that they compromised the Kopter’s network via a VPN appliance that used a weak password and did not have two-factor authentication (2FA) enabled.
The gang also said that they run a web site on the dark web where they demonstrate details of attacks to compromised companies, including a ransom demand. According to the group, someone from Kopter accessed a ransom page, but the company did not contact them.
At the time of this writing, Kopter has yet to publicly disclose the security breach.