lockbit2 attacks Ethiopian Airlines
Incident Date:
May 1, 2022
Overview
Title
lockbit2 attacks Ethiopian Airlines
Victim
Ethiopian Airlines
Attacker
Lockbit2
Location
First Reported
May 1, 2022
Ethiopian Airlines Suffers Ransomware Attack by LockBit2
Ethiopian Airlines, a major player in the transportation sector, has reportedly been targeted by the ransomware group LockBit2. The attack was announced on the group's dark web leak site, with the victim's website being https://www.ethiopianairlines.com/. The airline operates in the transportation sector and is known for its significant presence in the industry.
Company Profile
Ethiopian Airlines is a significant player in the aviation industry, with a wide range of destinations and a large number of passengers. The company has been expanding its operations and has been recognized for its contributions to the transportation sector.
Vulnerabilities and Impact
The exact details of the attack and its impact on Ethiopian Airlines are not provided in the search results. However, it is mentioned that LockBit2 has claimed to have accessed credentials of the airline, which could have been used to expand their access into additional systems. The group has a history of posting names of companies they claim to have attacked on their own leak site, which could indicate a potential attempt to extort money from the company under false pretenses.
Previous Attacks
LockBit2 has been involved in several high-profile attacks, including one on Accenture, which was publicly revealed in August 2021. The group claimed to have collected sufficient data from the Accenture attack to breach some of their clients, including Ethiopian Airlines.
Mitigation Strategies
While the article does not provide specific mitigation strategies, it is generally recommended for organizations to prioritize patching vulnerabilities, implement multi-factor authentication, and regularly back up data to prevent the impact of ransomware attacks.
Sources
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.