Accenture, an IT Company hit by Lockbit Ransomware Attack. Cyber criminals are demanding Bitcoin in Ransom.
An Accenture spokesperson, Stacey Jones, confirmed to CNN Business about the incident.
Through our security controls and protocols, we identified irregular activity in one of our environments,” Jones said in a statement. “We immediately contained the matter and isolated the affected servers. We fully restored our affected systems from back up. There was no impact on Accenture’s operations, or on our clients’ systems.”
What is LockBit?
According to Emsisoft, the LockBit is a ransomware variant that encrypts files using AES encryption and demands a large ransom (typically high five-figures) for their decryption. Whereas most modern strains of ransomware are manually operated, LockBit’s processes are largely automated, which allows the ransomware to propagate and infect other hosts with minimal human oversight after the initial point of compromise.
LockBit operates under the ransomware-as-a-service (Raas) business model, whereby ransomware developers lease their ransomware to affiliates who receive a portion of ransom payments received from the attacks they carry out.
Double extortion, in which threat actors use stolen data to pressure victims into paying the ransom, has become standard procedure among most ransomware groups and LockBit is no exception.
LockBit was first noticed in September 2019. In older versions, it was called ABCD ransomware to reflect the .abcd extension that it added to encrypted files. The extension of the files was changed to .LockBit in later versions.
CNBC reporter Eamon Javers tweeted,
Accenture confirms the hack, but minimizes the scale of the damage saying in a statement: “Through our security controls and protocols, we identified irregular activity in one of our environments. We immediately contained the matter and isolated the affected servers.”
These hackers have now published almost 2,400 files to the Dark Web, according to CNBC analysts at Q6 cyber. The files appear to be PowerPoints, case studies, quotes and the like. No comment yet on the theft from Accenture.
Accenture Claims To Restore the Files.
“We fully restored our affected systems from back up. There was no impact on Accenture’s operations, or on our clients’ systems.”
