lockbit2 attacks Public Procurement Regulatory Authority

Incident Date:

May 4, 2022

World map



lockbit2 attacks Public Procurement Regulatory Authority


Public Procurement Regulatory Authority




Islamabad, Pakistan

Islamabad Capital Territory, Pakistan

First Reported

May 4, 2022

Public Procurement Regulatory Authority Targeted by Lockbit2 Ransomware Group

Company Information

The Public Procurement Regulatory Authority is a pivotal government agency in Pakistan, tasked with the regulation and oversight of the procurement process. The organization's official website offers insights into its mandate, vision, mission, as well as information on its services and initiatives.

Vulnerabilities and Targeting

Ransomware attacks exploit vulnerabilities within an organization's network security framework, including unpatched software, weak passwords, or inadequately secured remote access protocols. The Lockbit2 ransomware group infiltrated the PPRA's network by leveraging such vulnerabilities, subsequently escalating privileges to deploy ransomware, bypass security measures, and target backups for encryption.

Mitigating Ransomware Attacks

To effectively mitigate the risk posed by ransomware attacks, organizations are advised to adopt a multi-layered cybersecurity strategy, often described as "defense in depth." This strategy encompasses a variety of measures, including but not limited to, email filtering, anti-phishing training, the implementation of multi-factor authentication, and the diligent patching and updating of software applications.

Reporting and Prevention

Entities regulated by governmental authorities are obligated to report any instances of successful ransomware deployment within their internal networks, or any intrusion attempts that result in unauthorized access to privileged accounts, to the appropriate regulatory bodies. Preventing ransomware attacks necessitates a holistic approach, combining technical safeguards, employee awareness programs, and the continuous updating and patching of systems to rectify known vulnerabilities.

The incident involving the Lockbit2 ransomware group's attack on the Public Procurement Regulatory Authority underscores the imperative for organizations to maintain a high level of vigilance against cyber threats. It further emphasizes the importance of instituting comprehensive cybersecurity measures to safeguard against the ever-present risk of ransomware attacks.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.