Accenture that offers professional services was reportedly hit by a ransomware attack launched by LockBit group. And reports are in that none of the servers were hit by the malware as proactive cybersecurity measures taken by the company paid well.
What’s interesting about this incident is that the victim company has denied any damage, while those who launched the attack state that they have stolen a portion of data from the servers and will sell it on the dark web, if their ransom related demands are overlooked.
Stacey Jones, the spokesperson of Accenture, confirmed the incident and stated that her firm’s security controls and protocols were excellent enough to track down the irregular activity on time and the Accenture security incident response team was quick enough to contain the incident on time.
Note 1- Eamon Javers, the reporter working from CNBC, was the first to disclose the news to the world on Accenture ransomware attack and confirmed that Accenture cyber resilience finally yielded excellent results.
Note 2- LockBit ransomware is a malware spreading group that indulges in double extortion techniques. Its aim is to disrupt victim’s digital services, extort money and sell the stolen data on dark web, if the victim denies paying a ransom in cryptocurrency- usually in Bitcoins or Monero. The said file encrypting malware is often spread through Windows Powershell and Server Message Block exploits.
Note 3- Using strong passwords, employing multi-factor authentication, implementing strict user account permissions, wiping out unused or outdated user accounts, keeping the systems patched, using backup applications and anti-threat solutions helps in keeping the LockBit malware at bay.