lockbit2 attacks Topaces
Incident Date:
May 10, 2022
Overview
Title
lockbit2 attacks Topaces
Victim
Topaces
Attacker
Lockbit2
Location
First Reported
May 10, 2022
Analysis of the Ransomware Attack on Top Aces
Overview of Top Aces
Top Aces, a premier provider of advanced adversary air (ADAIR) and joint terminal attack controller (JTAC) technology and training, serves the world's elite armed forces. The company specializes in mission-critical training that bolsters the operational readiness of combat forces, offering cost-effective solutions and prolonging the service life of military aircraft fleets. Its services feature 4th Generation maneuverability, a wide range of air-to-air weapons and sensors, all-weather capabilities, and aircraft that are light weight and capable of withstanding 9 Gs. Training programs cover JTAC, adversary support, anti-shipping attack training, and electronic warfare.
Founded in 2000 by a cadre of former fighter pilots, Top Aces boasts the "largest worldwide footprint of privately-held operational fighter aircraft," serving the Canadian, German, Israeli, and U.S. armed forces. Despite its prominence in the defense sector, specific details regarding the company's size remain undisclosed.
The Lockbit2 Ransomware Attack
The ransomware group Lockbit2 has targeted Top Aces, marking a significant cybersecurity incident within the Government sector. Top Aces has acknowledged the attack and is in the process of conducting a thorough investigation.
Lockbit2, known for its aggressive ransomware campaigns, has claimed responsibility for compromising hundreds of organizations in the past year alone, targeting at least 650 entities to date. The group has threatened to release 44GB of data stolen from Top Aces unless their demands are met by May 15. The specific vulnerabilities exploited in the attack on Top Aces have not been disclosed.
This incident underscores the persistent threat posed by ransomware groups like Lockbit2 to critical defense infrastructure and the importance of robust cybersecurity measures to protect sensitive data and maintain operational readiness.
Sources
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.