Cybersecurity Threat Advisory: LockBit Ransomware
Posted on August 16, 2021 by Mike Beagles
As part of our effort to inform our clients about potential and serious cybersecurity issues, MCP provides advisories about vulnerabilities and exploits that could threaten the operations of their critical communications networks. Sign up to receive these advisories in your inbox as soon as they are released.
This week there is a new critical alert that requires the mission-critical community’s immediate attention.
Global consulting firm Accenture recently hit by a ransomware attack that allegedly was carried out by the ransomware group LockBit.
What is the Threat?
LockBit ransomware is malicious software designed to block user access to computer systems in exchange for a ransom payment. The ransomware automatically will scan for valuable targets, spread the infection, and encrypt all accessible computer systems on a network. This ransomware is used for highly targeted attacks against enterprises and other organizations.
Why is it Noteworthy?
The cyber intelligence firm Cyble reported that LockBit sought a $50 million ransom for six terabytes of data that it was able to retrieve from Accenture. Cybercrime intelligence company Hudson Rock reported that about 2,500 computers of employees and partners were compromised.
What is the Risk?
Regarding this current attack on Accenture, LockBit claims to have an inside agent who still is working within the company. Although this likely is a scare tactic, following standard security procedures such as “least privilege” becomes even more imperative to shrink attack vectors.
MCP recommends that IT professionals reassess and simplify user account permissions and clean out outdated and unused accounts. In addition, preparing systemwide backups and cleaning local machine images can be crucial if an attack occurs.
If you are looking for guidance, please reach out. MCP offers a comprehensive cybersecurity solutions suite that is designed specifically for public-safety and justice entities and other critical-infrastructure organizations, to help them determine their network, data, and application vulnerabilities. We can help you develop a complete cyberattack prevention strategy. Contact us today to learn more.
For more in-depth information about the recommendations, please visit the following links: