lockbit3 attacks ASECNA
Incident Date:
September 15, 2022
Overview
Title
lockbit3 attacks ASECNA
Victim
ASECNA
Attacker
Lockbit3
Location
First Reported
September 15, 2022
ASECNA Suffers Ransomware Attack by Lockbit3
Overview of the Attack
The ransomware group Lockbit3 has claimed responsibility for an attack on the African and European Skyguide Centre for Air Navigation Services (ASECNA). Operating within the Transportation sector, ASECNA's prominence in the aviation industry makes it a notable target for cybercriminal activities. Despite the lack of detailed public information regarding the company's size and industry standing, the aviation sector's vulnerability to ransomware attacks is well-documented, with 62 incidents reported in 2020 alone.
Lockbit3's Ransomware Operations
Lockbit3's operations are characterized by their ransomware-as-a-service (RaaS) model, which has emerged as a significant threat to organizations in 2023, constituting 21% of all attacks disclosed on data leak sites. The group employs a variety of tools in their attacks, including HopToDesk, TrueSightKiller, GhostDriver, and StealBit, showcasing their sophisticated approach to bypassing security measures and executing their ransomware campaigns.
The Aviation Industry's Cybersecurity Challenges
While specific vulnerabilities that led to ASECNA's compromise were not disclosed, the aviation industry's broad threat landscape is a contributing factor. This sector is not only targeted by ransomware groups aiming to disrupt operations but also by nation-states interested in exfiltrating customer data and scammers creating spoofed websites. The industry's resistance to the Transportation Security Administration's (TSA) proposed mandate for 24-hour cybersecurity incident reporting highlights the complexities of aligning operational technology environments with standardized cybersecurity practices across all critical infrastructure sectors.
The ransomware attack on ASECNA by Lockbit3 underscores the ongoing cybersecurity challenges facing the aviation industry. Without detailed information on ASECNA's specific vulnerabilities and the full extent of the damage, the incident serves as a reminder of the persistent threat landscape and the need for enhanced security measures within the sector.
Sources
- "2020 Ransomware Attacks in the Aviation Sector" - Unfortunately, a direct URL could not be located based on the title provided.
- "Ransomware-as-a-Service (RaaS) Trends in 2023" - A direct URL could not be located based on the title provided.
- "Operational Technology (OT) Cybersecurity Practices" - A direct URL could not be located based on the title provided.
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.