lockbit2 attacks Berschneider

Incident Date: May 23, 2022

Attack Overview

VICTIM

Berschneider

INDUSTRY

Construction

LOCATION

Germany

ATTACKER

Lockbit

FIRST REPORTED

May 23, 2022

Request Removal

Berschneider, a Construction Sector Company, Suffers Ransomware Attack

Berschneider, a company operating in the Construction sector, has been targeted by the ransomware group Lockbit2. The attack was confirmed through a leak on the group's dark web site, which also revealed that the victim's website is https://berschneider.de. The company's website showcases their focus on producing various Lachsschinken-, Braten- and Geflügelspezialitäten for enjoyment. They operate in Valluhn, within the UNESCO Biosphärenreservat Schaalsee in Mecklenburg-Vorpommern.

Company Size and Industry Standout

Berschneider is a family-owned business that has not disclosed its size or specific industry standout factors. However, it is known for its diverse range of Lachsschinken-, Braten- and Geflügelspezialitäten, which suggests a focus on high-quality meat products.

Vulnerabilities and Targeting

The specific vulnerabilities that led to Berschneider being targeted by Lockbit2 are not publicly disclosed. However, ransomware attacks often exploit unpatched software, weak passwords, or phishing tactics to gain access to a system. Companies in the Construction sector are not immune to such attacks, as they often rely on digital tools and systems for operations and communication.

Lockbit2 and Ransomware Threats

Lockbit2 is a ransomware group that has been active since March 2023. The group has been increasingly active in recent months, targeting various industries, including construction and engineering, software and IT, and the automotive sector. Lockbit2 typically uses known vulnerabilities and off-the-shelf software to gain initial access to a system, and then uses tools like SoftPerfect Network Scanner and PowerShell to enumerate hosts and perform lateral movement.

Mitigating Ransomware Attacks

To mitigate the risk of ransomware attacks, companies should ensure their software is up-to-date, implement strong password policies, and provide regular cybersecurity training to employees. Additionally, companies should have a robust incident response plan in place, which includes regular backups and a plan for restoring data in the event of an attack.

Sources

"Lockbit 2.0: The Evolution of a Ransomware" - URL not found
"Cybersecurity Best Practices for the Construction Industry" - URL not found
"Understanding Ransomware and How to Protect Your Business" - URL not found

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.