lockbit2 attacks Arcelormittal

Incident Date:

May 16, 2022

World map



lockbit2 attacks Arcelormittal






, Norway

Lillestrom, Norway

First Reported

May 16, 2022

Arcelormittal Suffers Ransomware Attack

Arcelormittal, a leading global steel and mining company, recently fell victim to a ransomware attack orchestrated by the Lockbit2 group, as revealed through a dark web leak. The company, known for its extensive portfolio in steel sections, bearing piles, channels, angles, square bars, and round bars, represents a significant player in the manufacturing sector. This sector's critical role in the global economy, combined with the operational dependencies on digital technologies, renders it a prime target for cybercriminals.

The multinational stature of Arcelormittal, coupled with its pivotal position within the steel industry, underscores the heightened risk profile for such entities against cyber threats. The manufacturing sector, in particular, faces a heightened risk of ransomware attacks, attributed to the potential for substantial financial repercussions and operational disruptions.

Implications for Cybersecurity in Manufacturing

The incident involving Arcelormittal serves as a stark reminder of the imperative for fortified cybersecurity defenses within the manufacturing sector. To safeguard against the burgeoning threat of ransomware, it is crucial for companies to deploy advanced security measures. These include the integration of security event managers, patch management systems, and antivirus solutions equipped with ransomware protection features. Furthermore, the establishment of regular data backup routines and the diligent application of security software emerge as critical strategies in mitigating the impact of ransomware incursions.

Through the adoption of comprehensive security tools and practices, companies within the manufacturing domain can significantly bolster their resilience against ransomware threats. This proactive approach not only minimizes the potential for financial and operational setbacks but also enhances the overall security posture of the organization.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.