The LockBit ransomware gang has returned.
A report by Bleeping Computer mentioned that the ransomware gang recently claimed responsibility for the cyber attack on Bridgestone Americas, one of the world’s largest tire manufacturers.
LockBit claims to have stolen data important or sensitive enough to threaten Bridgestone with leaking that data.
What is LockBit?
LockBit is currently one of the most active ransomware gangs demanding large amounts of money in ransom for stolen information. According to a separate report from Bleeping Computer, the ransomware gang had previously targeted global IT consulting firm Accenture in August 2021.
According to a Kaspersky report, the ransomware gang uses LockBit, a self-propagating malware that uses tools like Windows Powershell and Server Message Block to spread within an organization.
Industrial cybersecurity expert Dragos mentioned in his report that the ransomware gang was actively targeting companies in the industrial and manufacturing sectors in 2021. Dragos’ report also mentioned that the transport sector and the food and beverage sector were the second and third most targeted sectors, respectively.
Currently, LockBit is threatening Bridgestone with handing over the data it stole in its attack on the tire manufacturer in late February. The ransomware gang also didn’t mention what data they stole or how much they charged to prevent the data from being leaked.
Bridgestone also didn’t mention whether leaking the stolen data will harm the company.
The tire maker mentioned that it discovered an IT security incident on February 27 and “proactively notified federal law enforcement agencies of the incident.” Bridgestone has since determined that the incident was the result of a ransomware attack, but has no evidence that it was a targeted attack.
The company then decided to disconnect many of its manufacturing and retreading facilities in Latin America and North America from its network to “contain and prevent potential impacts…” according to the WRDW-TV article.
Also Read: Anonymous Continues to Hack Russia, Targeting Streaming Services
The shutdown led to the cessation of first-shift operations in the affected plants. There is currently no word on when employees at affected Bridgestone plants will be able to resume work.
The tire manufacturer’s investigation revealed that the perpetrator of the attack followed a “pattern of behavior” common to ransomware attacks. Bridgestone added that the attacker removed information from a limited number of its systems and threatened to make the stolen information public to Bridgestone.
“We are committed to conducting a swift and decisive investigation to determine as quickly as possible what specific data has been extracted from our environment,” Bridgestone said in its statement. “Bridgestone is committed to protecting the information of our teammates, customers and partners.”
How to protect yourself
Although the LockBit ransomware gang has mostly focused on the industrial and manufacturing sectors, ransomware like that of the gang can still find its way onto your computer.
Kaspersky advises people to use strong passwords and enable multi-factor authentication to deter attackers from hacking into their accounts with ransomware. The antivirus company also recommended creating system-wide backups to restore lost data should it become infected with malware.
In addition, by making sure system configurations are up to date and following all security procedures, you can avoid becoming a victim of ransomware, saving you a lot of headache and stress.
Related article: Caution! This ransomware is spreading at an alarming rate! What can you do to keep your network secure?