LockBit Ransomware Hits John L. Lowery & Associates: Key Insights
LockBit Ransomware Attack on John L. Lowery & Associates, Inc.: A Detailed Analysis
John L. Lowery & Associates, Inc., a well-established engineering and technical services firm in the petrochemical industry, recently fell victim to a ransomware attack orchestrated by the notorious cybercriminal group, LockBit. This incident has raised significant concerns about the vulnerabilities and cybersecurity measures within the energy, utilities, and waste sectors.
Company Profile
Founded in 1964, John L. Lowery & Associates, Inc. is headquartered in Baton Rouge, Louisiana. The company employs between 51-200 professionals, including inspectors, engineers, designers, drafters, and analyzer technicians. They provide comprehensive engineering and technical services, primarily for the petrochemical industry, and have expanded their operations both nationally and internationally. The firm is known for its flexible staffing solutions, quality assurance, and commitment to safety and employee welfare.
Attack Overview
The ransomware attack on John L. Lowery & Associates, Inc. was claimed by LockBit via their dark web leak site. The attack compromised the company's data and systems, potentially leading to significant operational disruptions and data breaches. LockBit employs "double extortion" tactics, exfiltrating sensitive data and threatening to release it publicly if the ransom is not paid. The exact ransom demand and the extent of the data breach have not been disclosed.
About LockBit
LockBit is a highly sophisticated ransomware-as-a-service (RaaS) group that has been active since September 2019. It is responsible for over one-third of all ransomware attacks in the latter half of 2022 and the first quarter of 2023. LockBit uses a combination of RSA-2048 and AES-256 encryption algorithms to encrypt victims' files. The group is known for exploiting vulnerabilities in Remote Desktop Protocol (RDP) services and unsecured network shares to spread quickly across a network. LockBit's modular design and use of encrypted payloads make it particularly challenging to detect and analyze.
Potential Vulnerabilities
John L. Lowery & Associates, Inc.'s extensive use of technical personnel and reliance on digital systems for quality assurance, project management, and staffing solutions may have made them an attractive target for LockBit. The company's international operations and diverse client base further increase the potential impact of such an attack. The use of RDP services and network shares, if not adequately secured, could have provided an entry point for the ransomware.
Sources
See Halcyon in action
Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!