lockbit3 attacks Entust
LockBit Ransomware Attack on Entrust
Entrust, a leading provider of identity and security solutions, was targeted by a ransomware attack in June 2022. The LockBit ransomware group claimed responsibility for this breach, which led to the unauthorized access and theft of data from Entrust's internal systems. Following the attack, the group threatened to release the stolen data unless a ransom was paid.
Based in Minneapolis, Minnesota, Entrust employs nearly 3,000 individuals and specializes in identity management and authentication services. The company is notable for its certified MSP program, designed to assist partners in managing cloud-based IT issuance for their end-customers. Among its key clientele are various U.S. government agencies.
The LockBit Ransomware Gang's Activities in 2022
The LockBit ransomware gang has been particularly active throughout 2022, with LockBit 2.0 and Conti ransomware variants accounting for 59% of all reported attacks in March of the same year. The industrial sector emerged as the group's preferred target, representing 34% of its attacks.
Entrust's Response to the Ransomware Attack
In response to the ransomware attack, Entrust made the decision not to pay the demanded ransom to the LockBit gang. Instead, the company reportedly initiated a DDoS (Distributed Denial of Service) attack against the ransomware group's data leak sites. This countermeasure was successful in temporarily disabling the sites, although it remains uncertain whether Entrust directly organized or executed these DDoS attacks.
This incident underscores the persistent threat of ransomware attacks across various sectors, including firms specializing in cybersecurity. It further emphasizes the critical importance of implementing comprehensive security measures to effectively counteract and mitigate such threats.
Sources
See Halcyon in action
Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!