lockbit2 attacks S. & S. srl

Incident Date:

June 11, 2022

World map



lockbit2 attacks S. & S. srl


S. & S. srl




Pisa, Italy

Pisa, Italy

First Reported

June 11, 2022

S. & S. srl Targeted by Lockbit2 Ransomware Group

Company Profile

S. & S. srl, a manufacturing company, has recently fallen victim to the Lockbit2 ransomware group. This incident underscores the vulnerability of the manufacturing sector to cyber-attacks, which often target critical infrastructure and supply chain operations. The specifics of S. & S. srl's operations and its prominence within the industry remain under-researched, highlighting a need for greater transparency and security awareness in the sector.


The exact vulnerabilities exploited in the attack on S. & S. srl by the Lockbit2 ransomware group have not been disclosed. However, it is known that the group leverages compromised valid accounts, exposed Remote Desktop Protocol (RDP) servers, and exploits for FortiOS vulnerabilities CVE-2018-13379 and CVE-2020-12812 to infiltrate networks. This suggests potential lapses in S. & S. srl's cybersecurity practices, particularly in the areas of access control and network security.

Mitigation Strategies

To defend against ransomware and other cyber threats, organizations should adopt comprehensive cybersecurity measures, including:

  • Updating software and systems promptly to address security vulnerabilities.
  • Implementing strong password policies and multi-factor authentication to secure user accounts.
  • Conducting regular employee training on phishing and social engineering defense.
  • Maintaining up-to-date backups and testing disaster recovery procedures to ensure business continuity.
  • Applying network segmentation and strict access controls to minimize the impact of potential breaches.
  • Monitoring network activity for signs of unauthorized access and swiftly mitigating detected threats.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.