KHS, a German Steuerberatungs- und Wirtschaftsprüfungsgesellschaft, Targeted by Lockbit2 Ransomware Group

KHS, a German company specializing in tax consulting and auditing, has been targeted by the ransomware group Lockbit2. The attack was announced on the group's dark web leak site, and the victim's website is KHS operates in the Business Services sector and is known for its expertise in national and international tax law, as well as its services in accounting and business valuation.

Company Profile

KHS is a mid-sized company based in Cologne, Germany. It provides tax consulting and auditing services to both national and international clients, including businesses and individuals. The company's team of tax advisors and auditors has a recognized expertise in national and international tax law, and they combine this knowledge with expertise in accounting and business valuation.

Vulnerabilities and Targeting

The specific vulnerabilities that led to KHS being targeted by Lockbit2 are not publicly disclosed. However, ransomware groups often exploit unpatched software, weak passwords, or phishing attacks to gain access to a target's network. In the case of KHS, it is unclear whether the company had any specific vulnerabilities that made it more susceptible to a ransomware attack.

Impact and Response

The ransomware attack on KHS has caused disruptions to the company's internal IT systems and has taken some of its subsidiary websites offline. KHS has hired external cybersecurity experts to recover from the incident and is in touch with its insurers. The company has not disclosed whether it has paid a ransom to the attackers.

Mitigation Strategies

To mitigate the risk of ransomware attacks, companies should regularly conduct vulnerability scanning to identify and address vulnerabilities, especially on internet-facing devices. They should also maintain offline, encrypted backups of data and regularly test backups. Regularly patching and updating software and operating systems is also crucial in preventing ransomware attacks.

Sources

• KHS Wirtschaftsprüfer • Steuerberater in Köln
• Stop Ransomware - CISA https://www.cisa.gov/stopransomware
• The Top Target For Ransomware? It's Now K-12 Schools - Forbes https://www.forbes.com/sites/daveywinder/2020/09/12/cybersecurity-alert-2020-the-top-target-for-ransomware-is-now-k-12-schools/
• HHS' Office for Civil Rights Settles Ransomware Cyber-Attack Investigation https://www.hhs.gov/about/news/2020/10/29/hhs-office-for-civil-rights-settles-ransomware-cyber-attack-investigation.html
• Exclusive: DHS investigating whether floor plans and other security information was compromised in ransomware attack on Johnson Controls - CNN https://www.cnn.com/2020/10/22/politics/dhs-ransomware-attack-johnson-controls/index.html