lockbit2 attacks comune.g

Incident Date:

March 27, 2022

World map



lockbit2 attacks comune.g






Via G. Matteotti, Italy

Ghilaraza, Italy

First Reported

March 27, 2022

Comune di Ghilarza: A Small Government Entity Targeted by Lockbit2 Ransomware

Company Profile

The Comune di Ghilarza is a local government entity located in the central part of Sardinia, Italy. Nestled between the northern and southern regions of the island, this area is celebrated for its diverse landscapes and rich history. The town is also renowned for its cultural contributions, notably the Scuola Civica di musica, which orchestrates events spanning from May to June 2024.

Vulnerabilities and Threats

Ransomware attacks frequently leverage unpatched vulnerabilities within software and applications. For the Comune di Ghilarza, it is probable that the attackers exploited weaknesses within the town's IT infrastructure. Research indicates that 32% of ransomware attacks reported by survey participants in the previous year were initiated through an exploited vulnerability. Although the specific vulnerabilities targeted in this instance are not detailed, data suggests that 32% of ransomware attacks in small businesses (with annual revenues below $50M) and 30% in mid-sized businesses (with revenues between $50M and $1B) commence from such security gaps.

Ransomware Trends

The landscape of ransomware attacks is evolving, with adversaries increasingly capitalizing on zero-day and one-day vulnerabilities to infiltrate target networks. The period from the first quarter of 2022 to the first quarter of 2023 saw a 143% increase in the number of organizations falling victim to ransomware attacks. Notably, attackers are shifting their focus from encrypting victim data to outright theft of sensitive information, threatening to sell or leak this data as a means of extortion.

Mitigation Strategies

To counter the threat of ransomware, organizations are advised to promptly address newly disclosed vulnerabilities, gain an understanding of the adversary's tactics, techniques, and procedures (TTPs), and establish comprehensive backup and restoration protocols. Furthermore, enhancing employee awareness of phishing schemes and promoting good password practices are critical steps in minimizing the risk of social engineering and brute-force attacks.


  • "2022 Cyber Security Statistics: The Ultimate List Of Stats, Data & Trends" - URL not found
  • "Ransomware Attacks and Defense Strategies: 2022 Trends" - URL not found
  • "Understanding Ransomware and Strategies for Prevention and Response" - URL not found

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.