lockbit2 attacks DAP Bölge Kalkınma İdaresi Başkanlığı

Incident Date:

February 5, 2022

World map

Overview

Title

lockbit2 attacks DAP Bölge Kalkınma İdaresi Başkanlığı

Victim

DAP Bölge Kalkınma İdaresi Başkanlığı

Attacker

Lockbit2

Location

Yakutiye, Turkey

Erzurum, Turkey

First Reported

February 5, 2022

Ransomware Attack on DAP Bölge Kalkınma İdaresi Başkanlığı

Company Overview

DAP, officially known as Doğu Anadolu Projesi Bölge Kalkınma İdaresi Başkanlığı, is a pivotal government sector organization in Turkey, tasked with spearheading regional development initiatives in the Eastern Anatolia region. Its mission encompasses fostering economic growth and enhancing the living standards of the area's inhabitants.

Vulnerabilities and Targeting

The precise vulnerabilities exploited in the ransomware attack on DAP remain unspecified. Nonetheless, it is widely acknowledged that ransomware perpetrators, such as the Lockbit2 group which has claimed responsibility for this incident, typically leverage flaws in software, outdated systems, or human error to infiltrate their targets' networks. Given DAP's governmental status and the potential for a significant ransom, it is plausible that these factors contributed to its selection as a target by Lockbit2.

Mitigation Strategies

To defend against ransomware threats, organizations are advised to adopt comprehensive cybersecurity practices. These include:

  • Ensuring timely updates of software and systems to address known vulnerabilities.
  • Conducting regular employee training on the dangers of phishing and other forms of social engineering.
  • Enforcing stringent access controls coupled with multi-factor authentication.
  • Maintaining up-to-date backups of essential data and verifying the effectiveness of disaster recovery procedures.
  • Continuously monitoring network activity for anomalies and swiftly acting upon any indicators of compromise.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.