lockbit2 attacks Digital Card Corporation
Incident Date:
May 1, 2022
Overview
Title
lockbit2 attacks Digital Card Corporation
Victim
Digital Card Corporation
Attacker
Lockbit2
Location
First Reported
May 1, 2022
Digital Card Corporation Suffers Ransomware Attack
Company Overview
Digital Card Corporation, a Swiss entity, is recognized for its innovative approach in the finance sector through its digital postcard services. The company promotes a Premium membership at a cost of CHF 20.- (EUR 20.-) annually, offering a range of benefits to its subscribers.
Industry Standout
The firm distinguishes itself within the finance industry by providing a unique service—digital postcards. This offering is notably distinct from the conventional services provided by other companies in the sector.
Vulnerabilities
While the exact vulnerabilities exploited in the ransomware attack on Digital Card Corporation remain undisclosed, it is widely acknowledged that ransomware groups like Lockbit2 leverage weaknesses such as unpatched software, insufficiently strong credentials, or social engineering to infiltrate systems.
Ransomware Group
Lockbit2, the ransomware group claiming responsibility for this attack, is notorious for its advanced encryption methods and assertive strategies. Active since at least November 2021, Lockbit2 has executed numerous attacks across different sectors, including finance.
Mitigation Strategies
To counter the threat of ransomware, organizations are advised to adopt comprehensive cybersecurity practices. These include strengthening endpoint security, enhancing defenses against lateral movements, restricting or eliminating cached credentials on endpoints, and adhering to NIST guidelines for password management and rotation, especially for privileged accounts. The implementation of multi-factor authentication (MFA), segregation of admin accounts, regular security assessments, a solid incident response framework, and ongoing employee training on social engineering are critical for minimizing vulnerabilities and mitigating the impact of potential attacks.
Sources
- NIST Guidelines on Password Security: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-63b.pdf
- Understanding Ransomware and Strategies for Prevention and Response: https://www.cisa.gov/sites/default/files/publications/CISA_MS-ISAC_Ransomware%20Guide_S508C.pdf
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.