lockbit2 attacks SUNtecktts
Incident Date: May 17, 2022
Overview
Title: lockbit2 attacks SUNtecktts
Victim: SUNtecktts
Attacker: Lockbit2
Location:
First Reported: May 17, 2022
SUNTECKtts Targeted by Lockbit2 Ransomware Group
SUNTECKtts, a two-billion-dollar transportation logistics provider with over 200 independently owned and operated agent offices across the U.S. and Canada, has been targeted by the Lockbit2 ransomware group. The attack was announced on the group's dark web leak site.
SUNTECKtts is a full-service transportation logistics provider that operates through a network of sales, operations, and capacity specialists, focusing on providing asset and non-asset surface transportation to a wide range of customers. The company is known for its proprietary technology integration platform, which allows for real-time connectivity between various business systems, enhancing operational efficiency and data-driven decision-making.
As a large, stable, and growing company, SUNTECKtts values its relationships with agents, carriers, and customers, being selective in its partnerships to ensure quality and drive loyalty among its stakeholders.
The Lockbit2 Ransomware Group and Its Tactics
The Lockbit2 ransomware group is known for deploying Clop ransomware in its attack campaigns. A successful Clop ransomware attack results in the encryption and exfiltration of significant amounts of data, potentially including private customer data, corporate finance data, and system credentials. The ransom demanded is based on the estimated value of the compromised organization.
While the specific vulnerabilities exploited in the SUNTECKtts attack are not detailed, organizations are advised to implement comprehensive endpoint detection and response (EDR) solutions, such as Microsoft Defender, for additional protection against malware threats like Clop ransomware. EDR tools can alert system users to potential breaches and prevent further progress before the malware can execute its payload.
This attack serves as a reminder for organizations to prioritize cybersecurity measures, including regular vulnerability scanning, software updates, and user awareness and training programs, to mitigate the risks of ransomware attacks.
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous cyber threat to businesses and organizations today, and the most impactful financially and informationally.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.