lockbit2 attacks JLL
Incident Date:
February 27, 2022
Overview
Title
lockbit2 attacks JLL
Victim
JLL
Attacker
Lockbit2
Location
First Reported
February 27, 2022
JLL, a Real Estate Giant, Suffers Ransomware Attack by Lockbit2
Company Overview
Jones Lang LaSalle (JLL), a leading global provider of real estate and investment management services, has been targeted by the ransomware group Lockbit2. The attack was announced on the group's dark web leak site. JLL operates in the Real Estate sector and has been impacted by the widespread MOVEit attack, which has affected a "limited number of files" within the organization.
JLL is a global company with a significant presence in the Chicago metro area, offering commercial real estate and investment management services. The company's services include local research, insights, recent news, client stories, and Chicago leadership, with Jaime Fink serving as the Senior Managing Director & Managing Broker for the Chicago Office.
Vulnerabilities and Impact
The Lockbit2 ransomware attack on JLL highlights the vulnerabilities of the real estate sector to cyber threats. The attack was likely facilitated by a zero-day vulnerability in third-party file transfer software owned by Progress Software, which was exploited by the Clop ransomware group. The impact of the attack on JLL includes unauthorized access to a limited number of files, and the company has taken immediate action to contain the malicious activity and patch its systems.
The Lockbit2 ransomware attack on JLL underscores the importance of cybersecurity in the real estate sector. As buildings become smarter and more connected, they also become more vulnerable to cyberattacks. Landlords and property managers must prioritize cybersecurity to safeguard their assets and the tenants that occupy them.
Sources
- Chicago corporate office locations & services | JLL
- Widespread MOVEit attack toll continues to grow | SC Media https://www.scmagazine.com/analysis/breach/widespread-moveit-attack-toll-continues-to-grow
- What we know about the MOVEit exploit and ransomware attacks | BlackFog https://www.blackfog.com/what-we-know-about-the-moveit-exploit-and-ransomware-attacks/
- JLL Security Rating, Vendor Risk Report, and Data Breaches | UpGuard
- Cybersecurity in the era of modern buildings - JLL
- Banks, hotels and hospitals among latest MOVEit mass-hack victims | TechCrunch https://techcrunch.com/2023/05/31/moveit-mass-hack-victims/
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.