LockBit 3.0 Ransomware Attack on Slovak National Library

Incident Date: May 09, 2024

Attack Overview

VICTIM

Slovak National Library

INDUSTRY

Education

LOCATION

Slovakia

ATTACKER

Lockbit

FIRST REPORTED

May 9, 2024

Request Removal

Ransomware Attack on Slovak National Library by LockBit 3.0

Victim Profile

The Slovak National Library (Slovenská národná knižnica) is the national library of Slovakia. Operating within the Education sector, this modern institution caters to all citizens of Slovakia and visitors from overseas. Renowned for its collection of indigenous and foreign Slovakicist documents, the library safeguards publications from Slovakia, offers services to students, educators, researchers, and specialists, runs specialized facilities, and executes national initiatives like the Digital Library and Digital Archive. This institution employs between 201 and 500 individuals and is headquartered in Martin, Žilinský kraj, Slovakia.

Attack Overview

The ransomware attack on Sripatum University involved the exfiltration of sensitive data, including accounting records, student information, financial data, and personally identifiable information (PII). The attackers utilized ransomware techniques to compromise the university's systems, leading to the leakage of a sample of the exfiltrated data online.

Vulnerabilities

While the Slovak National Library is recognized for its commitment to providing access to knowledge resources through its extensive collection of over 5 million volumes and its role in preserving Slovakia's cultural heritage, its digital archives and online presence make it an attractive target for threat actors looking to exploit system vulnerabilities.

Ransomware Group Profile

Standing out as a highly sophisticated ransomware variant, LockBit 3.0, also known as LockBit Black, encrypts files, alters filenames, changes desktop backgrounds, and delivers ransom demands. The group's capacity to move laterally within networks and conceal its activities makes it a significant threat. By offering Ransomware-as-a-Service, LockBit enables other cybercriminals to employ its malware for attacks, broadening its scope and impact.

Lockbit 3.0 May 2024 Attacks

The ransomware attack on the Slovak National Library is part of LockBit 3.0's May 2024 offensive. Despite law enforcement actions during "Operation Cronos," LockBit quickly resumed its operations, targeting numerous victims across various sectors and countries. The group's adaptability and global reach highlight the difficulties in effectively combating cybercrime.

Sources:

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.