LockBit Ransomware Hits Dowley Security Systems in Houston
LockBit Ransomware Attack on Dowley Security Systems
Dowley Security Systems, a prominent electronic security and technology integration provider based in Houston, Texas, has recently fallen victim to a ransomware attack orchestrated by the notorious LockBit group. This incident has compromised the company's data and systems, highlighting the persistent threat posed by advanced ransomware groups.
About Dowley Security Systems
Founded in 2006, Dowley Security Systems specializes in delivering a wide range of security solutions tailored for commercial, government, and industrial sectors. The company adopts a holistic approach to security, integrating multiple systems to ensure the protection of life and property. Their offerings include access control systems, video surveillance, intrusion detection, life safety systems, perimeter security, and continuous monitoring services. Dowley has garnered recognition within the industry for its innovative solutions and commitment to excellence, including the 2012 Security Innovation Gold Medal Award and being named one of the Top 100 Systems Integrators in the U.S. in 2012.
Attack Overview
The ransomware attack on Dowley Security Systems was explicitly claimed by the LockBit group via their dark web leak site. LockBit, known for its sophisticated encryption techniques and aggressive ransom demands, has encrypted critical files within Dowley's network, rendering them inaccessible. The attackers have likely demanded a ransom payment in exchange for the decryption key, threatening to leak sensitive information if their demands are not met.
About LockBit Ransomware Group
LockBit is a highly sophisticated ransomware-as-a-service (RaaS) group that has been active since September 2019. It has become the most active ransomware group, responsible for over one-third of all ransomware attacks in the latter half of 2022 and the first quarter of 2023. LockBit employs "double extortion" tactics, exfiltrating sensitive data and threatening to release it publicly if the ransom is not paid. The ransomware uses a combination of RSA-2048 and AES-256 encryption algorithms to encrypt victims' files and is designed to exploit vulnerabilities in Remote Desktop Protocol (RDP) services and unsecured network shares to spread quickly across a network.
Potential Vulnerabilities
Dowley Security Systems, despite its extensive security offerings, may have been targeted due to potential vulnerabilities in its network infrastructure. The LockBit group is known to exploit weaknesses in RDP services and unsecured network shares, which could have been entry points for the attack. Additionally, the company's extensive involvement in critical infrastructure sectors such as healthcare, education, and energy makes it an attractive target for ransomware groups seeking high-value data.
Sources
See Halcyon in action
Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!