lockbit2 attacks fazenda

Incident Date:

April 22, 2022

World map



lockbit2 attacks fazenda






Centro, Brazil

Rio de Janeiro - RJ, Brazil

First Reported

April 22, 2022

Fazenda Ransomware Attack: A Threat to Latin American Government Entities

Victim Profile

Fazenda is a government entity, but specific details about the size of the company, its unique features, and vulnerabilities are not readily available from the search results. However, the attack on Fazenda is part of a broader trend of ransomware attacks targeting Latin American government entities.

Ransomware Attacks in Latin America

Ransomware attacks on Latin American government entities have been escalating, with the most likely attack vectors including the use of compromised valid credentials, often obtained through infostealers, and sold by initial access brokers on dark web marketplaces. The region's lack of proper cybersecurity education, hygiene, and infrastructure has made it a prime target for such attacks, which could pose a significant national security risk if they target critical infrastructure and services.

Mitigating Ransomware Attacks

To mitigate the risk of ransomware attacks, organizations should maintain good cyber hygiene habits, such as conducting regular vulnerability scanning, maintaining offline, encrypted backups of data, and regularly patching and updating software and operating systems. In the event of an attack, victims should report to federal law enforcement via the Internet Crime Complaint Center (IC3) or a Secret Service Field Office and can request technical assistance or provide information to help others by contacting the Cybersecurity and Infrastructure Security Agency (CISA).

The attack on Fazenda underscores the need for Latin American governments to strengthen their cybersecurity defenses against ransomware threats. By implementing robust security measures and staying vigilant, organizations can reduce their risk of falling victim to these types of attacks.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.