LockBit Ransomware Hits Dowley Security Systems in Houston
Incident Date:
September 15, 2024
Overview
Title
LockBit Ransomware Hits Dowley Security Systems in Houston
Victim
Dowley Security Systems
Attacker
Lockbit3
Location
First Reported
September 15, 2024
LockBit Ransomware Attack on Dowley Security Systems
Dowley Security Systems, a prominent electronic security and technology integration provider based in Houston, Texas, has recently fallen victim to a ransomware attack orchestrated by the notorious LockBit group. This incident has compromised the company's data and systems, highlighting the persistent threat posed by advanced ransomware groups.
About Dowley Security Systems
Founded in 2006, Dowley Security Systems specializes in delivering a wide range of security solutions tailored for commercial, government, and industrial sectors. The company adopts a holistic approach to security, integrating multiple systems to ensure the protection of life and property. Their offerings include access control systems, video surveillance, intrusion detection, life safety systems, perimeter security, and continuous monitoring services. Dowley has garnered recognition within the industry for its innovative solutions and commitment to excellence, including the 2012 Security Innovation Gold Medal Award and being named one of the Top 100 Systems Integrators in the U.S. in 2012.
Attack Overview
The ransomware attack on Dowley Security Systems was explicitly claimed by the LockBit group via their dark web leak site. LockBit, known for its sophisticated encryption techniques and aggressive ransom demands, has encrypted critical files within Dowley's network, rendering them inaccessible. The attackers have likely demanded a ransom payment in exchange for the decryption key, threatening to leak sensitive information if their demands are not met.
About LockBit Ransomware Group
LockBit is a highly sophisticated ransomware-as-a-service (RaaS) group that has been active since September 2019. It has become the most active ransomware group, responsible for over one-third of all ransomware attacks in the latter half of 2022 and the first quarter of 2023. LockBit employs "double extortion" tactics, exfiltrating sensitive data and threatening to release it publicly if the ransom is not paid. The ransomware uses a combination of RSA-2048 and AES-256 encryption algorithms to encrypt victims' files and is designed to exploit vulnerabilities in Remote Desktop Protocol (RDP) services and unsecured network shares to spread quickly across a network.
Potential Vulnerabilities
Dowley Security Systems, despite its extensive security offerings, may have been targeted due to potential vulnerabilities in its network infrastructure. The LockBit group is known to exploit weaknesses in RDP services and unsecured network shares, which could have been entry points for the attack. Additionally, the company's extensive involvement in critical infrastructure sectors such as healthcare, education, and energy makes it an attractive target for ransomware groups seeking high-value data.
Sources
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.