LockBit 3.0 Ransomware Targets Nine Dragons Paper: A Cybersecurity Threat to the Paper Industry

Incident Date:

April 15, 2024

World map



LockBit 3.0 Ransomware Targets Nine Dragons Paper: A Cybersecurity Threat to the Paper Industry


Nine Dragons Paper




Dongguan City, China

, China

First Reported

April 15, 2024

LockBit 3.0 Targets Nine Dragons Paper in Ransomware Attack

Attack overview

The LockBit 3.0 ransomware group, known for its disruptive cyber attacks, has recently claimed responsibility for an attack on Nine Dragons Paper, a prominent player in the paper manufacturing industry. The attack was announced on LockBit 3.0's dark web leak site, indicating a serious security breach at Nine Dragons Paper.

Company Profile

Nine Dragons Paper is a well-established company in the United States, specializing in a variety of paper products including printing, packaging, and office supplies. With over 20 years in the industry, the company has carved out a niche by offering high-quality, diverse paper types such as recycled, coated, and uncoated paper, alongside custom printing services.

Despite its small business stature, Nine Dragons Paper has a significant impact in the paper product market, focusing on sustainability and customer-centric services. Their website features a user-friendly interface, providing insights through a dedicated blog and customer testimonials.

Vulnerabilities and Targeting

The choice of Nine Dragons Paper as a target by LockBit 3.0 could be attributed to several factors. As a small yet influential company, it may not have the same cybersecurity measures that larger corporations might possess, making it a more accessible target for ransomware attacks. The industry's reliance on digital systems for inventory and customer management also makes it vulnerable to disruptions caused by data encryption, a typical modus operandi of ransomware attacks.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.