lockbit3 attacks Century Aluminum
Incident Date:
August 13, 2022
Overview
Title
lockbit3 attacks Century Aluminum
Victim
Century Aluminum
Attacker
Lockbit3
Location
First Reported
August 13, 2022
Century Aluminum Suffers Ransomware Attack by Lockbit3
Company Overview
Century Aluminum, a leading producer in the global metals and mining sector, has been targeted by the ransomware group Lockbit3, as disclosed on their dark web leak site. The company boasts significant operations in the United States, Iceland, Jamaica, and the Netherlands, focusing on the production of bauxite, alumina, and aluminum. With facilities in Kentucky, South Carolina, and Iceland, Century Aluminum's production capacity reaches approximately 1,216,000 metric tonnes annually, emphasizing sustainable, efficient, and economic solutions.
Vulnerabilities and Targeting
The specific vulnerabilities exploited in the attack by Lockbit3 remain undisclosed. Nonetheless, it is understood that ransomware groups can exploit a variety of cybersecurity weaknesses, including unpatched software, weak passwords, and inadequate employee training, to initiate their attacks.
Previous Cybersecurity Incidents
The metals and mining sector is no stranger to cybersecurity incidents, with Century Aluminum now among the affected companies. A notable example includes the 2019 ransomware attack on Norsk Hydro, a Norwegian aluminum company, which saw its entire global organization compromised.
Response and Mitigation
While specific details regarding Century Aluminum's response to the Lockbit3 attack are not available, it is imperative for companies in the wake of ransomware attacks to adhere to established best practices for incident response. These measures include isolating affected systems, restoring data from backups, and consulting with law enforcement and cybersecurity professionals.
Century Aluminum's experience with the Lockbit3 ransomware attack underscores the persistent cybercrime threat facing the metals and mining sector. It is crucial for companies within this industry to maintain vigilance and implement comprehensive cybersecurity strategies to mitigate the risk of future attacks.
Sources
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.