Entrust Cyberattack: No Ransomware Payment to LockBit Gang
Identity management security provider Entrust suffered a ransomware attack in June 2022, but ultimately refused to pay the extortion fee to the LockBit ransomware gang.
Instead, a DDoS attack knocked out LockBit’s data leak sites. It’s unclear if Entrust had a hand in organizing or launching the DDoS attacks.
Entrust, based in Minneapolis, Minnesota, develops identity management and authentication services. The company has nearly 3,000 employees listed on inkedIn. Key customers include U.S. government agencies. On the channel front, Entrust has a certified MSP program to help partners manage cloud-based IT issuance for end-customers.
LockBit Ransomware Attack Activity
Meanwhile, the LockBit gang has been particularly active in 2022. Indeed, LockBit 2.0 and Conti were responsible for 59 percent of the total attacks reported in March 2022, with LockBit accounting for some 96 of the 283 identified incidents, NCC Group reported. The syndicate’s favorite target remained the industrial sector with 34 percent of its infiltrations aimed in that direction. Other targeted sectors include consumer cyclicals (21%) and technology (7%).
Major LockBit victims include Atento, a customer relationship management (CRM) services provider that suffered $42.1 million in financial losses related to a ransomware attack in October 2021.
Accenture, the global IT consulting firm with a Top 250 MSSP business unit, also suffered a LockBit ransomware attack in 2021.
CISA, FBI, UK Repeatedly Issue Ransomware Attack Warnings to MSPs
The CISA, FBI and UK authorities have repeatedly warned MSPs about inbound ransomware attacks.
The latest joint warning, issued in May 2022, included 12 tips to help MSPs reduce ransomware cyberattack threat risks. Separately, Microsoft issued a ransomware cyberattack warning to small businesses and their IT service providers in July 2022.
Blog originally posted August 19. Updated thereafter with the DDoS attack news.