lockbit2 attacks Public Procurement Regulatory Authority
Incident Date:
May 4, 2022
Overview
Title
lockbit2 attacks Public Procurement Regulatory Authority
Victim
Public Procurement Regulatory Authority
Attacker
Lockbit2
Location
First Reported
May 4, 2022
Public Procurement Regulatory Authority Targeted by Lockbit2 Ransomware Group
Company Information
The Public Procurement Regulatory Authority is a pivotal government agency in Pakistan, tasked with the regulation and oversight of the procurement process. The organization's official website offers insights into its mandate, vision, mission, as well as information on its services and initiatives.
Vulnerabilities and Targeting
Ransomware attacks exploit vulnerabilities within an organization's network security framework, including unpatched software, weak passwords, or inadequately secured remote access protocols. The Lockbit2 ransomware group infiltrated the PPRA's network by leveraging such vulnerabilities, subsequently escalating privileges to deploy ransomware, bypass security measures, and target backups for encryption.
Mitigating Ransomware Attacks
To effectively mitigate the risk posed by ransomware attacks, organizations are advised to adopt a multi-layered cybersecurity strategy, often described as "defense in depth." This strategy encompasses a variety of measures, including but not limited to, email filtering, anti-phishing training, the implementation of multi-factor authentication, and the diligent patching and updating of software applications.
Reporting and Prevention
Entities regulated by governmental authorities are obligated to report any instances of successful ransomware deployment within their internal networks, or any intrusion attempts that result in unauthorized access to privileged accounts, to the appropriate regulatory bodies. Preventing ransomware attacks necessitates a holistic approach, combining technical safeguards, employee awareness programs, and the continuous updating and patching of systems to rectify known vulnerabilities.
The incident involving the Lockbit2 ransomware group's attack on the Public Procurement Regulatory Authority underscores the imperative for organizations to maintain a high level of vigilance against cyber threats. It further emphasizes the importance of instituting comprehensive cybersecurity measures to safeguard against the ever-present risk of ransomware attacks.
Sources
- Public Procurement Regulatory Authority. (n.d.). Home. Retrieved April 10, 2024, from http://ppra.org.pk/
- New York State Department of Financial Services. (June 30, 2021). Industry Letter - June 30, 2021: Ransomware Guidance. Retrieved April 10, 2024, from https://www.dfs.ny.gov/industry_guidance/industry_letters/il20210630_ransomware_guidance
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.