lockbit2 attacks zentrum-dreilin...

Incident Date: Mar 28, 2022

Attack Overview

VICTIM

zentrum-dreilin...

INDUSTRY

Manufacturing

LOCATION

Germany

ATTACKER

Lockbit

FIRST REPORTED

March 28, 2022

Request Removal

Dreiling Maschinenbau GmbH Ransomware Attack

Dreiling Maschinenbau GmbH, a German manufacturing company, has been targeted by the ransomware group Lockbit2. The attack was announced on the dark web leak site of the ransomware group. The company operates in the manufacturing sector and has been in operation for over 40 years, specializing in the development, construction, and installation of special machines, machine tools, and machine components.

Company Overview

Dreiling Maschinenbau GmbH is a family-owned business that has been in operation for over 40 years. They are known for their expertise in the development, construction, and installation of special machines, machine tools, and machine components. The company is located in Thüringen, Germany, and has a strong focus on innovation, producing products ranging from small components to complete ultralight helicopters.

Vulnerabilities and Targeting

The ransomware group Lockbit2 has targeted Dreiling Maschinenbau GmbH, exploiting vulnerabilities in their systems. The exact nature of these vulnerabilities is not specified, but it is known that ransomware groups often exploit known vulnerabilities in software or hardware to gain access to a target's network. In the case of Lockbit2, they have been known to use exposed RDP servers and FortiOS vulnerabilities CVE-2018-13379 and CVE-2020-12812 to gain initial access to an organization's network.

Industry Impact

Ransomware attacks have become increasingly common in various industries, including manufacturing. In 2022, 62% of successful infiltrations in ransomware attacks were via phishing, and the average ransom payment was $812,360. The attack on Dreiling Maschinenbau GmbH is a reminder of the ongoing threat of ransomware to businesses of all sizes and industries.

Mitigation Strategies

To mitigate the risk of ransomware attacks, companies should implement robust cybersecurity measures, including regular software updates, employee training, and the use of backup systems. Additionally, organizations should be prepared to respond quickly and effectively to any potential attack, including having a plan in place for data recovery and communication with law enforcement and cybersecurity experts.

Sources

Dreiling Maschinenbau GmbH - Homepage
SOCRadar - Dark Web Profile: Play Ransomware. Available at: https://www.socradar.com
Spin.AI - Ransomware Tracker 2024. Available at: https://www.spin.ai

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.