Ransomware Attack on Sonoco Products Company by LockBit 3.0

Victim Company Profile

Sonoco Products Company is a global packaging solutions provider that has been operating since 1899, with a presence in more than 85 nations and 330 global plants. The company emphasizes sustainability and eco-friendly solutions, aiming to address various needs from delivering convenient snacks to reducing food waste and preserving the planet.

They offer packaging solutions for a wide range of markets, including protective packaging for goods like refrigerators and electronics. The company has made significant strides in enhancing its packaging solutions, such as introducing fully recyclable packaging solutions like the EnviroCan® and GreenCan®.

Company Vulnerabilities

Sonoco Products Company, being a global leader in packaging solutions, stands out in the industry due to its commitment to sustainability and innovative packaging solutions. Its extensive operations in over 85 countries and 330 global plants make it a prime target for threat actors like LockBit 3.0. The company's wide range of packaging solutions and services, catering to various markets, provides ample opportunities for cybercriminals to exploit vulnerabilities in their systems and launch ransomware attacks.

Ransomware Group Distinction

LockBit 3.0, also known as LockBit Black, distinguishes itself by being an advanced variant of the LockBit ransomware group. It encrypts files, modifies their filenames, changes the desktop wallpaper, and drops a ransom note on the victim's desktop. The ransomware is heavily obfuscated and protected against analysis, making it difficult for security researchers to study.

LockBit May Attacks

This is part of the May 2024 attacks by LockBit 3.0, a cybercriminal group, resurfaced with vigor following the disruption of its infrastructure in February during "Operation Cronos," a collaborative effort by international law enforcement agencies. Despite arrests and the dismantling of its data leak site, LockBit swiftly returned, targeting over 50 victims within hours of reactivating its platform, with subsequent attacks adding to the tally. These assaults spanned various sectors and countries, showcasing LockBit's global reach and adaptability.

Sources:

• Sonoco Products Company Website
• AnnualReports - Sonoco Products Company
• Sonoco Products Company North America
• Sonoco Europe
• UK Essays - Sonoco Products Company
• Washington State Department of Ecology - Sonoco Products Company
• VMware Blog - LockBit 3.0
• SentinelOne - LockBit 3.0
• Trend Micro - LockBit 3.0
• Times of India - LockBit 3.0
• Wazuh Blog - LockBit 3.0