lockbit2 attacks Comet Group
Incident Date:
February 4, 2022
Overview
Title
lockbit2 attacks Comet Group
Victim
Comet Group
Attacker
Lockbit2
Location
First Reported
February 4, 2022
Comet Group Suffers Ransomware Attack by Lockbit2
Overview of the Incident
The Comet Group, a Swiss enterprise renowned for its advancements in radio frequency and x-ray technology, has recently fallen victim to a ransomware attack orchestrated by the notorious Lockbit2 group. This incident was disclosed on the group's dark web leak site. The Comet Group is recognized for its significant contributions to the manufacturing sector, boasting a global footprint with production facilities and subsidiaries spread across China, Denmark, Germany, Switzerland, the USA, and Malaysia.
Despite generating annual sales of CHF 397.5 million in 2023 and employing over 1,700 individuals worldwide, the Comet Group's extensive operations did not shield it from becoming a target of Lockbit2. This event underscores the persistent vulnerabilities faced by large corporations in today's digital landscape.
Lockbit2's Modus Operandi
Lockbit2, active since at least 2022, has gained notoriety for its aggressive ransomware campaigns against major organizations, demanding hefty ransoms. The group's attack on the Comet Group exemplifies the critical need for comprehensive cybersecurity defenses to thwart such threats.
While the Comet Group's website remains silent on the specifics of the breach or the extent of the damage incurred, the company's emphasis on innovation and data-centric services might have made it an attractive target for its valuable data assets. This incident serves as a stark reminder of the omnipresent cyber threats facing organizations today, highlighting the importance of proactive cybersecurity measures.
Sources
- Comet Group: https://comet.tech
- Major ransomware site taken down in international law enforcement sting: https://www.thecomet.net/news/national/24131360.major-ransomware-site-taken-international-law-enforcement-sting/
- The 10 Biggest Ransomware Attacks of 2021: https://illinois.touro.edu/news/the-10-biggest-ransomware-attacks-of-2021.php
- Play ransomware group stole 65000 Swiss government files: https://www.linkedin.com/posts/gold-comet-messaging_play-ransomware-group-stole-65000-swiss-activity-7173380838410162176-JZB6
- Lazarus Group: https://en.wikipedia.org/wiki/Lazarus_Group
- Second ransomware group demands UnitedHealth pay for stolen data: https://www.pcmag.com/news/second-ransomware-group-demands-unitedhealth-pay-for-stolen-data
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.