lockbit2 attacks ismea

Incident Date:

March 21, 2022

World map



lockbit2 attacks ismea






Viale Liegi, Italy

Roma, Italy

First Reported

March 21, 2022

LockBit 2.0 Ransomware Attack on ISMEA

Company Overview

ISMEA, an Italian business services provider, offers consulting, training, and support for businesses across various sectors through its website. Despite the breadth of services advertised, the site lacks detailed insights into the company's size or specific areas of expertise.

Vulnerabilities and Targeting

Since its emergence in June 2021, LockBit 2.0, a ransomware-as-a-service (RaaS), has become known for its rapid encryption capabilities, posing a significant threat to organizations worldwide. The attack on ISMEA reflects a growing trend of ransomware attacks targeting businesses, leading to substantial personal data breaches. The expansion of businesses' external attack surfaces, including internet-accessible IT assets like websites, web applications, and cloud services, has introduced new vulnerabilities exploitable by cybercriminals.

Mitigation and Response

To counter the threat of ransomware, organizations are advised to adopt a continuous threat exposure management (CTEM) program. This approach emphasizes proactive threat identification, vulnerability management, and swift response mobilization. By prioritizing vulnerabilities based on their potential impact and exploitability, and aligning with the current threat landscape, organizations can address critical weaknesses first. Effective operationalization of teams is also crucial to minimize implementation friction and enhance mitigation efforts. In the event of a ransomware attack, a coordinated response is essential to contain the malware's spread and preserve vital forensic evidence for post-incident analysis and future defense strengthening.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.