lockbit2 attacks Digital Card Corporation

Incident Date: May 01, 2022

Attack Overview

VICTIM

Digital Card Corporation

INDUSTRY

Finance

LOCATION

Switzerland

ATTACKER

Lockbit

FIRST REPORTED

May 1, 2022

Request Removal

Digital Card Corporation Suffers Ransomware Attack

Company Overview

Digital Card Corporation, a Swiss entity, is recognized for its innovative approach in the finance sector through its digital postcard services. The company promotes a Premium membership at a cost of CHF 20.- (EUR 20.-) annually, offering a range of benefits to its subscribers.

Industry Standout

The firm distinguishes itself within the finance industry by providing a unique service—digital postcards. This offering is notably distinct from the conventional services provided by other companies in the sector.

Vulnerabilities

While the exact vulnerabilities exploited in the ransomware attack on Digital Card Corporation remain undisclosed, it is widely acknowledged that ransomware groups like Lockbit2 leverage weaknesses such as unpatched software, insufficiently strong credentials, or social engineering to infiltrate systems.

Ransomware Group

Lockbit2, the ransomware group claiming responsibility for this attack, is notorious for its advanced encryption methods and assertive strategies. Active since at least November 2021, Lockbit2 has executed numerous attacks across different sectors, including finance.

Mitigation Strategies

To counter the threat of ransomware, organizations are advised to adopt comprehensive cybersecurity practices. These include strengthening endpoint security, enhancing defenses against lateral movements, restricting or eliminating cached credentials on endpoints, and adhering to NIST guidelines for password management and rotation, especially for privileged accounts. The implementation of multi-factor authentication (MFA), segregation of admin accounts, regular security assessments, a solid incident response framework, and ongoing employee training on social engineering are critical for minimizing vulnerabilities and mitigating the impact of potential attacks.

Sources

NIST Guidelines on Password Security: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-63b.pdf
Understanding Ransomware and Strategies for Prevention and Response: https://www.cisa.gov/sites/default/files/publications/CISA_MS-ISAC_Ransomware%20Guide_S508C.pdf

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.