lockbit3 attacks KISAN
Incident Date:
September 9, 2022
Overview
Title
lockbit3 attacks KISAN
Victim
KISAN
Attacker
Lockbit3
Location
First Reported
September 9, 2022
Kisanweb Suffers Ransomware Attack by Lockbit3
Kisanweb, a company operating in the construction sector, has been targeted by the ransomware group Lockbit3. The attack was announced on the group's dark web leak site, and the victim's website is Kisanweb specializes in the production and application of thermoplastic, composite, and cold-mixed asphalt materials, as evidenced by their portfolio of projects on their website.
The size and specifics of Kisanweb are not readily available in the search results. However, the company's website showcases their expertise in various construction projects, including the Istanbul Bosphorus Bridge, the KKTC Soğuk yol çizgi uygulaması, and the Bolu Otoyolu.
The vulnerabilities that led to Kisanweb being targeted by Lockbit3 are not explicitly stated in the search results. However, it is known that ransomware attacks often exploit software vulnerabilities, unpatched systems, and weak cybersecurity practices.
In response to the attack, the Cybersecurity and Infrastructure Security Agency (CISA) has provided guidance on how to protect against ransomware attacks, including conducting regular vulnerability scanning, maintaining offline backups, and keeping software updated.
The Lockbit3 ransomware group has been active since at least 2021, and their attacks have targeted various sectors, including construction. The group is known for its double extortion schemes, where they not only encrypt data but also threaten to release it if the ransom is not paid.
The consequences of a ransomware attack can be severe, leading to the loss of sensitive, proprietary, and critical information. In the case of Kisanweb, the attack could potentially disrupt their operations and compromise their data, leading to financial losses and reputational damage.
The ransomware attack on Kisanweb by Lockbit3 highlights the need for companies to prioritize cybersecurity measures to protect against such threats. Regular vulnerability scanning, software updates, and data backups are essential steps in mitigating the risks of ransomware attacks.
Sources
- FinCEN Ransomware Advisory: https://www.fincen.gov/resources/advisories/fincen-advisory-fin-2020-a006
- Stop Ransomware - CISA: https://www.cisa.gov/stopransomware
- Ransomware - FBI: https://www.fbi.gov/investigate/cyber
- Ransomware Attacks and Types – How Encryption Trojans Differ: https://www.kaspersky.com/resource-center/threats/ransomware-wannacry
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.