lockbit2 attacks pla-pumpen
Incident Date:
March 19, 2022
Overview
Title
lockbit2 attacks pla-pumpen
Victim
pla-pumpen
Attacker
Lockbit2
Location
First Reported
March 19, 2022
PLA Pumpen und Anlagenbau GmbH: A Target for Lockbit2 Ransomware Attack
PLA Pumpen und Anlagenbau GmbH, a German company specializing in pump technology for water, wastewater, and ventilation systems, has been targeted by the ransomware group Lockbit2. The company, which has been in operation for over 25 years, offers a range of services from consulting to project development, installation, and maintenance of pumping systems.
The attack on PLA Pumpen und Anlagenbau GmbH is not the first instance of ransomware targeting water facilities. In 2021, two rural wastewater systems in Maine were hit by ransomware attacks, which did not compromise taxpayer data but could have overridden alarms or disabled critical equipment. In 2023, a water authority in Pennsylvania was targeted by a pro-Iran group, leading to the shutdown of a water pump station and the replacement of Israeli-made equipment.
The vulnerabilities of PLA Pumpen und Anlagenbau GmbH and other water facilities to ransomware attacks are not limited to their specific industry. In 2023, unpatched security flaws were discovered in water pump controllers made by ProPump and Controls, which could allow hackers to remotely take control of the devices and cause disruption or perform nefarious activities.
The Lockbit2 ransomware attack on PLA Pumpen und Anlagenbau GmbH serves as a reminder of the ongoing threat of cyberattacks on critical infrastructure, including water facilities. It is crucial for companies in the manufacturing sector, particularly those dealing with water and wastewater systems, to prioritize cybersecurity measures to protect their operations and the public they serve.
Sources
- PLA Pumpen und Anlagenbau GmbH. (n.d.). Retrieved April 10, 2024, from https://pla-pumpen.de
- CNN. (2023, November 28). Federal officials investigating after pro-Iran group allegedly hacked water authority in Pennsylvania. Retrieved April 10, 2024, from https://www.cnn.com/2023/11/28/us/pennsylvania-water-cyberattack/index.html
- SecurityWeek. (2023, March 30). Unpatched Security Flaws Expose Water Pump Controllers to Remote Hacker Attacks. Retrieved April 10, 2024, from https://www.securityweek.com/unpatched-security-flaws-expose-water-pump-controllers-to-remote-hacker-attacks/
- StateScoop. (2021, August 16). Ransomware hit two Maine water facilities earlier this year. Retrieved April 10, 2024, from https://statescoop.com/ransomware-maine-water-facilities/
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.