lockbit2 attacks TCCM
Incident Date:
March 2, 2022
Overview
Title
lockbit2 attacks TCCM
Victim
TCCM
Attacker
Lockbit2
Location
First Reported
March 2, 2022
TCCM Suffers Ransomware Attack by LockBit2
Company Overview
TCCM, a telecommunications company operating in 20 countries across Central and Eastern Europe, serves 140 million potential end customers. The company provides a wide range of services aimed at enhancing connectivity and efficiency within the telecommunications sector. These services encompass business development, channel marketing, financial services, warehousing and distribution, reverse logistics and after-sales management, and product customization.
Vulnerabilities
The specific vulnerabilities exploited in the ransomware attack on TCCM by the LockBit2 group have not been disclosed. LockBit2 is recognized for its aggressive ransomware campaigns, having targeted over 2,000 victims, extorted more than $120 million in ransom payments, and issued ransom demands amounting to hundreds of millions of dollars. Despite law enforcement efforts to disrupt its activities, LockBit2 remains a formidable threat to global organizations.
Mitigation Strategies
To defend against ransomware attacks, organizations are advised to adopt several best practices. These include enabling multifactor authentication, regularly backing up data, ensuring systems are promptly updated, scrutinizing emails before opening them, and adhering to recognized security frameworks. Employing solutions that offer extended detection and response (XDR) and network detection and response (NDR) can further bolster an organization's ability to thwart and address ransomware incidents.
The ransomware attack on TCCM underscores the persistent risk cybercriminals pose to the telecommunications industry. Adopting comprehensive cybersecurity measures and maintaining vigilance against new threats are imperative for companies to protect themselves.
Sources
- TCCM Website: https://www.tccm.com/
- Trend Micro: Rise in Active RaaS Groups Parallel Growing Victim Counts - Trend Micro
- U.S. and U.K. Disrupt LockBit Ransomware Variant
- Ransomware Tracker 2024: Recent Ransomware Attacks - Spin.AI
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.