lockbit2 attacks SG Service

Incident Date:

May 13, 2022

World map



lockbit2 attacks SG Service


SG Service




Modungo, Italy

Bari, Italy

First Reported

May 13, 2022

SG Service Suffers Ransomware Attack

Company Overview

SG Service Sud is a company that provides a variety of products and services for the construction industry. They offer new, used, and leased machinery, ensuring that their clients have access to the latest and most reliable equipment for their projects.

Industry Standout

SG Service Sud stands out in the Construction sector by offering a comprehensive range of products and services, including new, used, and leased machinery. This approach allows them to cater to a wide range of clients and projects, making them a versatile and reliable partner in the industry.


Despite their industry standing, SG Service Sud has been targeted by threat actors, highlighting the need for robust cybersecurity measures in the Construction sector. The specific vulnerabilities that led to this attack are not mentioned, but it is essential for companies in all industries to prioritize cybersecurity to protect against ransomware and other cyber threats.

Ransomware Attack

Ransomware is a type of malware that encrypts files on a device until a ransom is paid to decrypt them. In this case, SG Service Sud was targeted by the Lockbit2 ransomware group, which claimed responsibility for the attack on their website.

Response and Resources

In response to ransomware attacks, the Singapore Police Force and the Cyber Security Agency of Singapore have developed a one-stop portal to provide support to victims, including decryption tools, incident response checklists, and Frequently Asked Questions (FAQs).

The ransomware attack on SG Service Sud serves as a reminder of the importance of robust cybersecurity measures in all industries. Companies must prioritize cybersecurity to protect against ransomware and other cyber threats, and resources like the ransomware portal developed by the Singapore Police Force and the Cyber Security Agency of Singapore can help victims recover from such attacks.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.