lockbit3 attacks Century Aluminum

Incident Date:

August 13, 2022

World map

Overview

Title

lockbit3 attacks Century Aluminum

Victim

Century Aluminum

Attacker

Lockbit3

Location

Hawesville, USA

Kentucky, USA

First Reported

August 13, 2022

Century Aluminum Suffers Ransomware Attack by Lockbit3

Company Overview

Century Aluminum, a leading producer in the global metals and mining sector, has been targeted by the ransomware group Lockbit3, as disclosed on their dark web leak site. The company boasts significant operations in the United States, Iceland, Jamaica, and the Netherlands, focusing on the production of bauxite, alumina, and aluminum. With facilities in Kentucky, South Carolina, and Iceland, Century Aluminum's production capacity reaches approximately 1,216,000 metric tonnes annually, emphasizing sustainable, efficient, and economic solutions.

Vulnerabilities and Targeting

The specific vulnerabilities exploited in the attack by Lockbit3 remain undisclosed. Nonetheless, it is understood that ransomware groups can exploit a variety of cybersecurity weaknesses, including unpatched software, weak passwords, and inadequate employee training, to initiate their attacks.

Previous Cybersecurity Incidents

The metals and mining sector is no stranger to cybersecurity incidents, with Century Aluminum now among the affected companies. A notable example includes the 2019 ransomware attack on Norsk Hydro, a Norwegian aluminum company, which saw its entire global organization compromised.

Response and Mitigation

While specific details regarding Century Aluminum's response to the Lockbit3 attack are not available, it is imperative for companies in the wake of ransomware attacks to adhere to established best practices for incident response. These measures include isolating affected systems, restoring data from backups, and consulting with law enforcement and cybersecurity professionals.

Century Aluminum's experience with the Lockbit3 ransomware attack underscores the persistent cybercrime threat facing the metals and mining sector. It is crucial for companies within this industry to maintain vigilance and implement comprehensive cybersecurity strategies to mitigate the risk of future attacks.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.