Cybersecurity Breach: LockBit 3.0 Attack on Pease Construction LLC

Incident Date:

May 1, 2024

World map



Cybersecurity Breach: LockBit 3.0 Attack on Pease Construction LLC


Pease Construction LLC




Lawewood, USA

Washington, USA

First Reported

May 1, 2024

LockBit 3.0 Ransomware Attack on Pease Construction LLC

Company Profile

Pease Construction LLC, a family-owned general contractor based in Lakewood, Washington, has been a significant player in the construction sector for over 35 years. Specializing in both public and private sector projects, the company is known for its commitment to safety, quality workmanship, and customer service. With a strong emphasis on a family-owned culture and integrity, Pease Construction has built a reputation for excellence in the construction industry.

Details of the Ransomware Attack

The LockBit 3.0 ransomware group, also known as LockBit Black, has claimed responsibility for a cyberattack on Pease Construction. The attack targeted the company's primary operational asset, its website, leading to significant disruptions. LockBit 3.0, known for its destructive capabilities and stealth, has made Pease Construction another victim in its series of global attacks targeting various sectors.

LockBit 3.0: A Closer Look at the Threat Actor

LockBit 3.0 operates under a Ransomware-as-a-Service (RaaS) model, enhancing its reach and impact through affiliates. This ransomware variant is particularly known for its ability to encrypt files rapidly, move laterally through networks, and evade detection by most conventional cybersecurity measures. The group has been involved in numerous high-profile attacks, underscoring its capability to infiltrate and paralyze large-scale enterprise networks.

Vulnerabilities and Potential Entry Points

While specific details of the breach have not been disclosed, common entry points for such attacks include phishing, exploitation of unpatched systems, or compromised credentials. For a construction firm like Pease Construction, the integration of technology with on-site operations could potentially open up vectors for cyberattacks, particularly if cybersecurity measures are not adequately enforced across all endpoints.



Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.