Ransomware Attack Hits Johnson Laschober & Associates by Lynx

Incident Date: Aug 06, 2024

Attack Overview

VICTIM

Johnson Laschober & Associates

INDUSTRY

Construction

LOCATION

USA

ATTACKER

Lynx

FIRST REPORTED

August 6, 2024

Request Removal

Ransomware Attack on Johnson Laschober & Associates by Lynx

On August 8, 2024, Johnson Laschober & Associates, P.C. (JLA), a professional architecture and engineering firm, discovered they had fallen victim to a ransomware attack orchestrated by the threat actor group known as Lynx. The attack targeted their website, thejlagroup.com, raising significant concerns about the security of sensitive information handled by the firm.

About Johnson Laschober & Associates

Johnson Laschober & Associates, P.C. (JLA) is a comprehensive architecture and engineering firm with over 40 years of experience, primarily serving clients in Augusta, Georgia, and Charleston, South Carolina. The firm specializes in a variety of professional design services, including architecture, civil engineering, electrical engineering, mechanical engineering, structural engineering, landscape architecture, and interior design. JLA's mission centers on client satisfaction, emphasizing exceptional value, professionalism, and integrity in all their projects.

Company Size and Industry Standing

JLA employs between 11 to 50 individuals, indicating a relatively small to medium-sized firm within the architecture and engineering industry. The firm is recognized for its significant presence in the Southeast region of the United States, catering to both private and public-sector clients. JLA has garnered several awards for its projects, including recognition from the American Council of Engineering Companies and Historic Augusta, highlighting its expertise in both new constructions and renovations.

Vulnerabilities and Attack Overview

The ransomware attack on JLA underscores the vulnerabilities that even well-established firms face in the digital age. The Lynx ransomware group, known for its double extortion tactics, likely penetrated JLA's systems through phishing emails or malicious downloads. Once inside, Lynx encrypted critical files, appending the ".LYNX" extension, and left a ransom note demanding payment to prevent data leakage.

About the Lynx Ransomware Group

Lynx is a ransomware variant that targets files on infected systems, appending the ".LYNX" extension to each one. The group employs advanced encryption algorithms, making it nearly impossible to recover files without the decryption key. Lynx typically spreads through phishing emails, malicious downloads, and other deceptive methods. The attackers behind Lynx are likely part of a larger, organized ransomware-as-a-service operation, utilizing professional-grade tools and methods.

Sources

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.