LockBit Ransomware Group Targets The Lakeland Chamber of Commerce

The Lakeland Chamber of Commerce, a pivotal organization in Lakeland, Florida, has recently fallen victim to a ransomware attack orchestrated by the notorious LockBit 3.0 group. This incident, disclosed on LockBit's dark web leak site on September 18, 2023, underscores the growing threat of ransomware attacks on organizations dedicated to community and economic development.

About The Lakeland Chamber of Commerce

Established in 1972, the Lakeland Chamber of Commerce is a prominent entity focused on fostering economic growth and enhancing the quality of life in the Lakeland community. With its headquarters at 35 Lake Morton Drive, Lakeland, FL, the Chamber serves as a catalyst for business success, providing resources and support to local businesses. It is known for its strategic initiatives like the "Accelerate 2030" plan, which aims to enhance the business landscape and quality of life in the region.

The Chamber's primary functions include advocating for local businesses, organizing events and programs for networking and professional development, and supporting community involvement. It serves hundreds of members across various sectors, indicating a significant presence in the local economy.

Details of the Ransomware Attack

The ransomware attack on the Lakeland Chamber of Commerce was executed by the LockBit 3.0 group, a highly sophisticated ransomware-as-a-service (RaaS) entity. LockBit employs "double extortion" tactics, exfiltrating sensitive data and threatening to release it publicly if the ransom is not paid. The attack was revealed on LockBit's dark web leak site, suggesting that the threat actors successfully breached the Chamber's systems and potentially exfiltrated sensitive data.

About LockBit Ransomware Group

LockBit has been active since September 2019 and has become one of the most prolific ransomware groups, responsible for over one-third of all ransomware attacks in late 2022 and early 2023. The group uses a combination of RSA-2048 and AES-256 encryption algorithms to encrypt victims' files. LockBit is designed to exploit vulnerabilities in Remote Desktop Protocol (RDP) services and unsecured network shares, allowing it to spread quickly across a network.

LockBit distinguishes itself by its modular design, which encrypts its payload until execution to hinder malware analysis and detection. It also performs checks to avoid executing on systems with languages common to the Commonwealth of Independent States (CIS) region.

Potential Vulnerabilities and Penetration Methods

The Lakeland Chamber of Commerce, like many organizations, may have been vulnerable due to potential weaknesses in their cybersecurity infrastructure. LockBit typically exploits vulnerabilities in RDP services and unsecured network shares. The Chamber's extensive network of local businesses and community leaders, coupled with its reliance on digital platforms for advocacy and event organization, could have presented multiple entry points for the ransomware group.

Sources

• Lakeland Chamber of Commerce
• SOCRadar: Dark Web Profile - LockBit 3.0 Ransomware
• TXOne Networks: Malware Analysis - LockBit 3.0
• Red Piranha: A Look at LockBit 3.0 Ransomware
• CISA: Ransomware Profile - LockBit 3.0