lockbit2 attacks EMUCOR
Incident Date:
April 25, 2022
Overview
Title
lockbit2 attacks EMUCOR
Victim
EMUCOR
Attacker
Lockbit2
Location
First Reported
April 25, 2022
Lockbit2 Ransomware Attack on EMUCOR
Company Overview
EMUCOR, a Fortune 500 entity renowned for its mechanical and electrical construction services alongside its contributions to industrial and energy infrastructure, reported a revenue of nearly $9.2 billion in the previous year. With operations spanning over 170 locations and a workforce of more than 33,000 employees worldwide, the company's extensive global footprint renders it an attractive target for cybercriminals.
Industry Standout
Renowned for its engineering and industrial construction services, EMUCOR holds a pivotal position in the Construction sector. Its esteemed reputation and market standing underscore its allure as a prime target for ransomware operatives.
Vulnerabilities
Ransomware perpetrators commonly exploit gaps such as outdated software, unpatched systems, or frail passwords. EMUCOR's expansive scale and international operations likely complicate the uniform application of security measures across all its venues and systems. The breach could have been precipitated by a phishing expedition or alternative social engineering stratagems.
Previous Attack
In 2020, EMUCOR fell prey to a Ryuk ransomware incursion, which remained undetected for an extended period post-infiltration. Despite successfully deactivating compromised IT frameworks and activating business continuity strategies, the episode inflicted considerable operational disruptions and financial detriment.
Ransomware Group
Lockbit2, a ransomware faction notorious for its audacious operations and targeting of high-profile entities, has been active since 2019. This group has orchestrated several notable assaults, including those against DCH Health System and EMCOR Group.
The Lockbit2 ransomware onslaught against EMUCOR underscores the persistent menace of cybercrime confronting businesses across all dimensions and sectors. With the construction industry's progressive digital transformation, the imperative for cybersecurity vigilance to safeguard operational integrity and reputational standing has never been more critical.
Sources
- "Ryuk Ransomware Attacks Fortune 500 Company Emcor - MSSP Alert"
- "Report Ransomware | CISA"
- "Hackers hit $9B Norwalk corporation with 'ransomware' attack - TheHour"
- "RYUK Ransomware attack on Emcor Group - Cybersecurity Insiders"
- "Ryuk ransomware hits Fortune 500 company EMCOR - ZDNET"
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.