lockbit2 attacks EMUCOR

Incident Date:

April 25, 2022

World map

Overview

Title

lockbit2 attacks EMUCOR

Victim

EMUCOR

Attacker

Lockbit2

Location

Conquistador Benito de Baños, Spain

cordoba, Spain

First Reported

April 25, 2022

Lockbit2 Ransomware Attack on EMUCOR

Company Overview

EMUCOR, a Fortune 500 entity renowned for its mechanical and electrical construction services alongside its contributions to industrial and energy infrastructure, reported a revenue of nearly $9.2 billion in the previous year. With operations spanning over 170 locations and a workforce of more than 33,000 employees worldwide, the company's extensive global footprint renders it an attractive target for cybercriminals.

Industry Standout

Renowned for its engineering and industrial construction services, EMUCOR holds a pivotal position in the Construction sector. Its esteemed reputation and market standing underscore its allure as a prime target for ransomware operatives.

Vulnerabilities

Ransomware perpetrators commonly exploit gaps such as outdated software, unpatched systems, or frail passwords. EMUCOR's expansive scale and international operations likely complicate the uniform application of security measures across all its venues and systems. The breach could have been precipitated by a phishing expedition or alternative social engineering stratagems.

Previous Attack

In 2020, EMUCOR fell prey to a Ryuk ransomware incursion, which remained undetected for an extended period post-infiltration. Despite successfully deactivating compromised IT frameworks and activating business continuity strategies, the episode inflicted considerable operational disruptions and financial detriment.

Ransomware Group

Lockbit2, a ransomware faction notorious for its audacious operations and targeting of high-profile entities, has been active since 2019. This group has orchestrated several notable assaults, including those against DCH Health System and EMCOR Group.

The Lockbit2 ransomware onslaught against EMUCOR underscores the persistent menace of cybercrime confronting businesses across all dimensions and sectors. With the construction industry's progressive digital transformation, the imperative for cybersecurity vigilance to safeguard operational integrity and reputational standing has never been more critical.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.