TETRA Technologies, Inc., a diversified oil and gas services company operating through divisions including Fluids, Production Testing, Compression, and Offshore, has reportedly fallen victim to the Akira ransomware group. This TETRA Technologies cyberattack has put crucial data at risk, including personal documents like passports, birth certificates, and driver’s licenses, as well as confidential agreements and NDAs. The threat actor responsible for the attack has indicated their intention to release approximately 40GB of sensitive data. Despite these claims, TETRA Technologies has not yet issued an official statement confirming or denying the breach.

Decoding the TETRA Technologies Cyberattack Claim by Akira Ransomware

[caption id="attachment_77529" align="alignnone" width="716"] Source: Dark Web[/caption] The Cyber Express has reached out to the organization to learn more about this TETRA Technologies cyberattack. However, at the time of writing this, no official statement or response has been received, leaving the claims for the TETRA Technologies cyberattack unconfirmed. While the company’s public-facing website appears to be operational, it is speculated that the attack may have targeted internal systems or backend infrastructure rather than causing a visible disruption like a DDoS attack or website defacement. The threat actor behind this attack, Akira ransomware, has emerged as a significant threat in cybersecurity, highlighted by the Cybersecurity and Infrastructure Security Agency (CISA) warning and its widespread impact across various industries worldwide. Known for a dual extortion tactic involving data exfiltration and encryption, Akira ransomware demands ransom payments to prevent data publication on their dark website and to receive decryption keys. The group's name references a 1988 anime film, and they use specific strings like "*.akira" and "akira_readme.txt" for detection. 

TETRA Technologies Releases New Processes for Managing Cybersecurity Risks and Governance

In their recent regulatory filings, specifically the 10-K filed on 2024-02-27, TETRA Technologies detailed their cybersecurity risk management and governance processes. These include ongoing risk assessments, incident response planning, and the implementation of cybersecurity training programs for employees. The company acknowledges the persistent evolution of cyber threats and emphasizes the importance of maintaining robust defenses against potential attacks. The Vice President of Information Technology leads TETRA Technologies’ cybersecurity initiatives, supported by a comprehensive framework to assess, identify, and manage cybersecurity risks across their operations. Regular updates and enhancements to their security protocols are integral to adapting to emerging threats and complying with regulatory standards. The Board of Directors and Audit Committee of TETRA Technologies provide oversight on cybersecurity matters, receiving periodic updates on the company’s cybersecurity risk profile and incident response capabilities. Management highlighted its commitment to safeguarding sensitive information and maintaining operational continuity despite the challenges posed by cyber threats. Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.