lockbit2 attacks SKANDIA
Incident Date:
February 8, 2022
Overview
Title
lockbit2 attacks SKANDIA
Victim
SKANDIA
Attacker
Lockbit2
Location
First Reported
February 8, 2022
Skandia, a 150-Year-Old Financial Institution, Suffers Ransomware Attack by Lockbit2
Skandia, a Mexican financial services company with a long-standing history of 150 years, has been targeted by the ransomware group Lockbit2. The attack was announced on the group's dark web leak site. Skandia offers corporate and personal investment, insurance, savings, and pension services, supported by a financially experienced group.
Company Size and Industry Standing
Skandia is a significant player in the finance sector, with a strong presence in Mexico. The company's website provides contact information for both the metropolitan area and the interior of the republic, indicating a broad customer base.
Vulnerabilities and Targeting
Ransomware attacks, such as the one suffered by Skandia, are often motivated by financial gain, disruption, or espionage. The most common cyber incidents affecting insurers include phishing mail, malware infections (ransomware), data exfiltration, and denial of service attacks. Insurers face a high risk of severe revenue losses and reputational damage due to business interruption, which is often the second most frequent consequence of a cyber incident.
The specific vulnerabilities that led to Skandia's attack are not detailed in the search results. However, it is mentioned that malware infections, particularly ransomware, are the most costly cyber incidents for insurers. This suggests that Skandia may have been targeted due to its status as a financial institution, making it a valuable target for cybercriminals seeking financial gain.
Mitigation and Response
The search results do not provide information on the specific mitigation and response measures taken by Skandia in response to the ransomware attack. However, it is recommended that organizations implement end-to-end products for migration, management, and security challenges across any Microsoft platform, including Active Directory and Office 365. This can help organizations accelerate their project timelines and mitigate the risk of delays, downtime, and disruptions to productivity and collaboration.
Skandia's ransomware attack by Lockbit2 highlights the ongoing threat of cybercrime in the finance sector. As a 150-year-old financial institution, Skandia's reputation and customer trust are at risk, underscoring the importance of robust cybersecurity measures to protect against such attacks.
Sources
- Skandia Mexico
- Next IT Security
- Ransomwatch
- EIOPA - https://www.eiopa.europa.eu/
- Quest Software - https://www.quest.com/
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.