lockbit2 attacks SL Global Energy

Incident Date:

June 12, 2022

World map



lockbit2 attacks SL Global Energy


SL Global Energy




Memorial City, USA

Houston, USA

First Reported

June 12, 2022

SL Global Energy Targeted by Lockbit2 Ransomware Group

Company Overview

SL Global Energy, a certified WBE company, stands out for its commitment to diversity and innovation in the energy sector. With a workforce that reflects a broad spectrum of demographics, including various age groups, languages, ethnicities, genders, and cultural/educational backgrounds, the company is well-positioned to offer a wide range of services. These services encompass Oilwell tools operation, process optimization, strategy development, and regulatory development on a national scale. SL Global Energy's leadership team brings together a wealth of global experience across multiple disciplines, enabling the company to deliver on its promise of innovation in consulting, talent services, and technology.

Vulnerabilities and Targeting

The energy sector, particularly nuclear and oil & gas industries, has seen a marked increase in ransomware attacks. These sectors are particularly vulnerable due to the complex interplay between IT and operational technologies, compounded by third-party risks and geopolitical tensions. The recent MOVEit Transfer supply-chain extortion campaign, affecting over 2,180 entities, underscores the growing threat landscape. The year 2023 is poised to be a record-breaking year for ransomware actors, highlighting the urgent need for enhanced cybersecurity measures within the energy sector.

Response and Mitigation

In the absence of a public statement from SL Global Energy regarding the Lockbit2 ransomware attack, the recommended course of action includes engaging with law enforcement and refraining from paying the ransom. Federal investigators have introduced new strategies to combat such cyber threats, equipping victims with essential tools to mitigate the impact of malware attacks effectively.

The attack on SL Global Energy by the Lockbit2 ransomware group underscores the critical importance of cybersecurity within the energy sector. To safeguard against such threats, energy companies must prioritize the implementation of advanced cybersecurity technologies, including threat intelligence, data encryption, and incident response capabilities. Furthermore, fostering collaboration among industry peers can contribute to a collective defense strategy, enhancing the overall resilience of the sector against cyber threats.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.