lockbit2 attacks KOMAG industrielle

Incident Date:

February 23, 2022

World map

Overview

Title

lockbit2 attacks KOMAG industrielle

Victim

KOMAG industrielle

Attacker

Lockbit2

Location

Wasserwerk, Germany

Volklingen, Germany

First Reported

February 23, 2022

KOMAG Industrielle Targeted by Lockbit2 Ransomware Group

Company Overview

KOMAG Industrielle is a German company that specializes in the production of high-quality components for the automotive industry. The company's website showcases its expertise in the field, highlighting its commitment to innovation and quality.

Industry Landscape

The manufacturing sector has been a significant target for ransomware attacks, with 70% of such attacks targeted at organizations in the manufacturing industry. The sector's accelerated pace of digitization has made it more vulnerable to cyber threats, as many companies have not invested adequately in IoT security.

Vulnerabilities

Ransomware groups have been employing various tactics to target industrial organizations, including exploiting zero-day vulnerabilities, leveraging social engineering, targeting public-facing services, and compromising IT service providers. The Lockbit2 group, in particular, has been observed using a data-centric extortion model, while others have moved to the double extortion model.

Impact

Ransomware attacks on industrial organizations can have significant consequences, including operational disruptions, supply chain impacts, and financial losses. The Lockbit2 group's attack on KOMAG Industrielle is part of a broader trend of increased ransomware activity in the industrial sector, which has seen a 50% increase in 2023 compared to the previous year.

The Lockbit2 ransomware group's attack on KOMAG Industrielle underscores the growing threat of ransomware to industrial organizations, particularly those in the manufacturing sector. As the number of victims willing to pay ransoms diminishes, ransomware groups have shifted their focus towards larger organizations, resorting to widespread ransomware distribution attacks to sustain their revenues. Companies like KOMAG Industrielle must remain vigilant and adopt robust cybersecurity measures to protect their operations from such threats.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.