LockBit 3.0 Ransomware Attack on GRC Consultants Ltd.

Incident Date:

May 9, 2024

World map

Overview

Title

LockBit 3.0 Ransomware Attack on GRC Consultants Ltd.

Victim

G. R. si. Consultants Ltd

Attacker

Lockbit3

Location

Haifa, Israel

, Israel

First Reported

May 9, 2024

Ransomware Attack on GRC Consultants Ltd. by LockBit 3.0

Victim Company Profile

GRC (GRC Consultants Ltd.) is an Israel-based company that provides professional consulting services in the areas of internal audit, internal control, and risk management and assessment. They operate in the Business Services sector and offer a range of services including internal audit, risk management consulting, quality assessment of internal audit, training and workshops, internal control services, and information systems audit. GRC Consultants Ltd. stands out in the industry for its expertise in governance, risk management, and compliance processes, helping organizations enhance their operations through comprehensive consulting services.

GRC Consulting, based in Israel, was targeted in a ransomware attack by the cybercrime group LockBit 3.0. The attack involved the exfiltration of 12 GB of data, including sensitive information such as financial data, invoices, and potentially other business-related documents. The attacker did not specify a ransom demand but leaked a sample of the stolen data. This incident highlights the persistent threat of ransomware attacks and the importance for organizations to strengthen their cybersecurity measures to prevent and respond to such attacks effectively. As a consulting firm dealing with critical organizational data, GRC Consultants Ltd. became a prime target for ransomware groups seeking to exploit valuable information for financial gain.

LockBit May Attacks

This ransomware attack on GRC Consultants Ltd. is part of the May 2024 attacks perpetrated by the ransomware group LockBit 3.0. The cybercriminal group resurfaced with vigor following the disruption of its infrastructure in February during "Operation Cronos." Despite law enforcement efforts, LockBit swiftly returned, targeting numerous victims across sectors and countries, showcasing its global reach and adaptability.

Ransomware Group Distinction

LockBit 3.0 distinguishes itself through its advanced capabilities, including file encryption, desktop modifications, and ransom note delivery. The ransomware's obfuscation and lateral movement within networks make it challenging for security researchers to analyze and combat effectively.

Sources:

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.