Ransomware Attack on Virgin Islands Emergency Management Agency by LockBit 3.0

Victim Profile

The Virgin Islands Territorial Emergency Management Agency (VITEMA) is the emergency management agency of the U.S. Virgin Islands. It is responsible for coordinating disaster response and recovery efforts in the territory. VITEMA's operations are guided by the National Incident Management System (NIMS), which standardizes resource management procedures for optimum coordination among different islands, departments, and agencies of the V.I. Government and the private sector.

Company Size and Industry Standing

The agency stands out in the industry for its commitment to quality emergency response services and homeland security. VITEMA is the sole government agency designated to supervise, administer, and coordinate all-hazards response and recovery operations in the U.S. Virgin Islands.

Attack Penetration

The ransomware attack on VITEMA by LockBit 3.0 involved the compromise of the agency's website and the exfiltration of approximately 14 GB of sensitive data. Despite the absence of a ransom demand, the exfiltrated data poses significant risks to VITEMA's operations and the privacy of individuals involved. The agency's critical role in disaster response and recovery operations makes it an attractive target for cybercriminals seeking to disrupt essential services and compromise sensitive information.

Ransomware Group Distinction

LockBit 3.0, also known as LockBit Black, is a Ransomware-as-a-Service (RaaS) group that has evolved from previous versions of LockBit. The group distinguishes itself by adopting an affiliate-based ransomware approach and introducing new features and capabilities in its latest variant. LockBit 3.0 is considered one of the most dangerous and disruptive ransomware threats currently active, targeting a wide range of organizations globally.

Sources:

• VITEMA Official Website
• VMware Blog - LockBit 3.0
• SentinelOne - LockBit 3.0
• Times of India - LockBit 3.0