Accenture is a Fortune 500 IT consulting organisation with 500,000 people all over the world. That is, a prolonged ransomware attack may cost it not only billions of dollars in revenue but also the trust of other businesses that rely on its cybersecurity expertise. The company has been attacked by Bitcoin Ransomware attackers.
On Tuesday evening, the company says it thwarted a similar attack by the hacking organisation Lockbit, but not before the hackers gained access to some files ostensibly belonging to the company. Today is the first day that they have been published.
The LockBit 2.0 ransomware gang took responsibility and claimed to stole 6 terabytes of data. They demanded a $50 million ransom be paid or the stolen data would be published.
Unless Accenture wanted to acquire the databases itself, the cybercriminal group had published an extortion note threatening to disclose data stolen from the corporation within a few hours. The message implied that the hack was carried out by a company “insider.”
Accenture was uninterested in the project. “Through our security controls and policies, we noticed anomalous behaviour in one of our environments,” the business said in a statement. We were able to control the problem and isolate the affected servers quickly.”
Furthermore, according to Accenture, the affected servers are no longer involved: “We have restored our affected systems from backup [sic].” Accenture’s operations and our clients’ systems were unaffected.”
Despite this, Lockbit published 2,384 files, implying that Accenture did not attempt to purchase the stolen material. It is unknown how sensitive the information is.
Ransomware is malware that prevents users from accessing their computers or networks until they pay a ransom, generally in Bitcoin or another cryptocurrency. According to cybersecurity firm Kaspersky, LockBit has been present since late 2019 and is notorious for deploying targeted attacks that can spread across networks without manual interaction. Hackers may use brute force methods to crack weak passwords and get access. After that, the malware grabs data.
The average Lockbit ransom is over $33,000 in BTC, according to figures from European ransomware assistance provider BeforeCrypt, though that number can be significantly more for companies with strong pockets.
Accenture might have escaped a bullet if no critical information was attached. According to blockchain investigative firm Chainalysis, ransomware payments cost organisations $81 million in the first five months of this year, not including the hundreds of hours in missed work hours.
According to a report from threat research firm Emsisoft, LockBit, which first appeared in September 2019, was dubbed ABCD ransomware because the .abcd extension is used to encrypted data.
In May 2020, LockBit collaborated with the Maze ransomware organisation, and in August 2020, it began attacking midsize U.S. businesses, according to Interpol.
According to Emsisoft, LockBit launched its LockBit 2.0 ransomware-as-a-service operation in June and began an advertising push to attract new affiliates.
LockBit and its allies, according to Emsisoft, have been quite active this year.
According to Emsisoft, “there have been 9,955 entries [about LockBit] to ID Ransomware, an online service that helps ransomware victims identify which ransomware has encrypted their files.” “We believe that only about a quarter of victims pay the ransom to ID Ransomware.”