Underwriters Laboratories LLC, better recognized as UL, suffered a ransomware attack in which criminals encrypted the company’s servers and made UL to shut down its systems.
The UL logo imprinted on the back of most common devices is instantly recognizable to many. UL is the largest and oldest safety certification company and developer of PC benchmark tools in the United States. It operates globally with offices in 46 countries.
The safety certification company shut down its systems to prevent the hackers from further spreading the attack. UL advised its employees not to communicate with the suspected criminals nor visit any sites related to the attack.
UL refused to pay the ransom and hopes to restore the encrypted data from backups. Meanwhile, the myUL.com client portal remains offline.
The attack happened last Friday, February 19, but UL detected unusual activity on its systems earlier, on February 13. The company immediately took measures to address the situation. The company engaged a leading cybersecurity firm to help with the investigation and alerted the authorities.
“Our immediate priority is to restore our systems to minimize any disruption this has on our customers,” promised UL in a response to BeepingComputer.
The company can’t say what data has been lost: “Until we learn more from our investigation, we cannot speculate as to the type of information that may be potentially impacted. If we determine that data is impacted, we will take appropriate actions.”
Nor does UL knows what ransomware the criminals used in the ransomware attack, who is behind it, and whether they stole any unencrypted files.
The ransomware gang has most likely tried to steal the data during the attack because most ransomware attacks against enterprises steal unencrypted files later to be used in a double-extortion strategy.
