Entrust Cyberattack: No Ransomware Payment to LockBit Gang

Flashlight beam shining on medical records as someone is up to no good.Please take a look at my

Identity management security provider Entrust suffered a ransomware attack in June 2022, but ultimately refused to pay the extortion fee to the LockBit ransomware gang.

Instead, a DDoS attack knocked out LockBit's data leak sites. It's unclear if Entrust had a hand in organizing or launching the DDoS attacks.

Entrust, based in Minneapolis, Minnesota, develops identity management and authentication services. The company has nearly 3,000 employees listed on inkedIn. Key customers include U.S. government agencies. On the channel front, Entrust has a certified MSP  program to help partners manage cloud-based IT issuance for end-customers.

LockBit Ransomware Attack Activity

Meanwhile, the LockBit gang has been particularly active in 2022. Indeed, LockBit 2.0 and Conti were responsible for 59 percent of the total attacks reported in March 2022, with LockBit accounting for some 96 of the 283 identified incidents, NCC Group reported. The syndicate’s favorite target remained the industrial sector with 34 percent of its infiltrations aimed in that direction. Other targeted sectors include consumer cyclicals (21%) and technology (7%).

Major LockBit victims include Atento, a customer relationship management (CRM) services provider that suffered $42.1 million in financial losses related to a ransomware attack in October 2021.

Accenture, the global IT consulting firm with a Top 250 MSSP business unit, also suffered a LockBit ransomware attack in 2021.

CISA, FBI, UK Repeatedly Issue Ransomware Attack Warnings to MSPs

The CISA, FBI and UK authorities have repeatedly warned MSPs about inbound ransomware attacks.

The latest joint warning, issued in May 2022, included 12 tips to help MSPs reduce ransomware cyberattack threat risks. Separately, Microsoft issued a ransomware cyberattack warning to small businesses and their IT service providers in July 2022.

Blog originally posted August 19. Updated thereafter with the DDoS attack news.

Joe Panettieri

Joe Panettieri is co-founder & editorial director of MSSP Alert and ChannelE2E, the two leading news & analysis sites for managed service providers in the cybersecurity market.