lockbit2 attacks Latam
Incident Date:
February 28, 2022
Overview
Title
lockbit2 attacks Latam
Victim
Latam
Attacker
Lockbit2
Location
First Reported
February 28, 2022
Ransomware Attack on CCLI: A Vulnerability in the Media & Internet Sector
Company Size and Industry Standout
CCLI stands as a significant entity within the Media & Internet sector, providing over 230,000 churches, schools, and organizations with licensing solutions and legal content. For 35 years, CCLI has been dedicated to resourcing the church, empowering worship teams, and facilitating moments of true encounters with Jesus through affordable, legal content.
Vulnerabilities and Targeting
The recent attack on CCLI by the ransomware group Lockbit2 underscores the inherent vulnerabilities faced by companies operating within the Media & Internet sector. These organizations are particularly susceptible to cyber threats due to their heavy reliance on digital infrastructure and the sensitive nature of their data. In this instance, Lockbit2 exploited compromised valid credentials, likely sourced from a successful infostealer infection, to infiltrate CCLI's systems.
This incident is reflective of a larger pattern of ransomware attacks targeting entities in Latin America, including government organizations. Despite efforts to bolster national cybersecurity defenses, significant vulnerabilities remain, leaving the region at heightened risk of such cyber threats.
The ransomware attack on CCLI serves as a critical reminder of the need for robust cybersecurity measures within the Media & Internet sector, especially for organizations operating in Latin America. As the digital landscape evolves, maintaining vigilance and investing in comprehensive IT security education, training, and infrastructure is essential to safeguard against emerging cyber threats.
Sources
- The Surge in Cyber Attacks on Latin American Governments - SOCRadar. Available at SOCRadar
- Ransomware Attack Hits Claro across Latin America | Commsrisk. Available at Commsrisk
- Latin American Governments Targeted By Ransomware. Available at Infosecurity Magazine
- Colombia Reports Cyberattack With Impact Across Latin America. Available at Reuters
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.