Ransomware Attack on CCLI: A Vulnerability in the Media & Internet Sector

Company Size and Industry Standout

CCLI stands as a significant entity within the Media & Internet sector, providing over 230,000 churches, schools, and organizations with licensing solutions and legal content. For 35 years, CCLI has been dedicated to resourcing the church, empowering worship teams, and facilitating moments of true encounters with Jesus through affordable, legal content.

Vulnerabilities and Targeting

The recent attack on CCLI by the ransomware group Lockbit2 underscores the inherent vulnerabilities faced by companies operating within the Media & Internet sector. These organizations are particularly susceptible to cyber threats due to their heavy reliance on digital infrastructure and the sensitive nature of their data. In this instance, Lockbit2 exploited compromised valid credentials, likely sourced from a successful infostealer infection, to infiltrate CCLI's systems.

This incident is reflective of a larger pattern of ransomware attacks targeting entities in Latin America, including government organizations. Despite efforts to bolster national cybersecurity defenses, significant vulnerabilities remain, leaving the region at heightened risk of such cyber threats.

The ransomware attack on CCLI serves as a critical reminder of the need for robust cybersecurity measures within the Media & Internet sector, especially for organizations operating in Latin America. As the digital landscape evolves, maintaining vigilance and investing in comprehensive IT security education, training, and infrastructure is essential to safeguard against emerging cyber threats.

Sources

• The Surge in Cyber Attacks on Latin American Governments - SOCRadar. Available at SOCRadar
• Ransomware Attack Hits Claro across Latin America | Commsrisk. Available at Commsrisk
• Latin American Governments Targeted By Ransomware. Available at Infosecurity Magazine
• Colombia Reports Cyberattack With Impact Across Latin America. Available at Reuters