Sandhills Global, a leading industry publication, has been hit by ransomware, rendering their hosted websites unavailable and affecting their business activities.
Sandhills Global is a trade publishing and hosting firm headquartered in the United States. It serves the transportation, technology, agriculture, heavy machinery, and aviation industries.
This company produces a variety of printed and online magazines that include industry news as well as a marketplace for dealers to sell new and old machines.
On Thursday, Sandhills Global’s website and its hosted publications turned offline, and their telephones also stopped working.
Users are presented with a Cloudflare Origin DNS error page while attempting to access websites hosted on the platform of Sandhills, suggesting that Cloudflare cannot connect to the servers of Sandhills.
Several sources have also verified that the disruptions are the result of a Conti ransomware campaign.
This incident happened during the early morning hours of Thursday, prompting the firm to take down all of its IT systems to prevent the spread of the attack.
Truck Paper, AuctionTime, ForestryTrader, Machinery Trader, TractorHouse, RentalYard, HiBid, CraneTrader, Motorsports Universe, MarketBook, RV Universe, Aircraft, LiveStockMarket, Controller, and Oil Field Trader are just a few of the well-known Sandhills publications that aren’t accessible.
Over the years, the Conti ransomware group has been responsible for several high-profile cyberattacks, including those on JVCKenwood, Ireland’s Health Service Executive (HSE), the City of Tulsa, and Advantech.
When carrying out attacks, the Conti gang typically takes files before encrypting devices in order to have additional leverage during extortion efforts. They then ask for multi-million ransom payments in exchange for a decryptor and the promise not to expose stolen information.
It’s unclear how much the Conti wants from Sandhills or whether they took any information during the hack.