Accenture Ransomware Attack

Another day, another ransomware attack! A big fish in the tech market has fallen victim this time.

Accenture, a giant tech consulting firm, has been hit with ransomware by the LockBit 2.0 ransomware gang.

Accenture worth the attack?

Accenture is one of the big tech companies that provide cyber security and related technology services to many Fortune 100 companies and three quarters of Fortune 500 companies. Their net revenue as of today stands at around $44.3 billion, with employees numbering up to 569,000 from 50 different countries.

An organization this big is always a target, and cyber criminals will try to find ways to infiltrate no matter how secure the organization is. The numbers are a key factor in this attack, and the ransomware gang certainly made sure to utilize that. However, could it be the revenue numbers or the vast number of employees? Which one had more impact on this attack?

The attack & threat actor

LockBit is a cyber criminal gang that operates as ransomware-as-a-service (RaaS). In their recent post on the dark web, they put Accenture’s data up for sale. They even mocked Accenture’s security, saying,

“These people are beyond privacy and security. I really hope that their services are better than what I saw as an insider. If you are interested in buying some databases, reach us.”

Allegedly, the LockBit 2.0 gang has stolen around 6 TB of data and is asking for $50 million.

There aren’t many details on how the attack happened or when they were compromised. However, different sources are confirming that the threat actor gained access via an insider.

Accenture’s reaction?

Accenture told BleepingComputer that the attack had a minimal effect on their operations and that they have restored their services from backup. They mentioned, “Through our security controls and protocols, we identified irregular activity in one of our environments. We immediately contained the matter and isolated the affected servers.”

In addition, they also mentioned, “We fully restored our affected systems from back-up. There was no impact on Accenture’s operations, or on our clients’ systems.”

My thoughts?

Accenture has a huge number of employees all over the world, and I do believe that not all of them maintain a proper security posture. Employees are the weakest link in an organization and, in this attack, an insider was probably leveraged to gain a foothold within the network.

Moreover, many ransomware gangs try to hire corporate people to do the dirty deeds. Could it be possible that they actually had someone help them from the inside in this hack? Well, nothing is certain.

Cyber security training for all members of an organization is a must these days. Even after all the training, it is up to the people to remain ethical. How ethical would you be if some ransomware gang offered you a huge amount in exchange for corporate info?

References:

https://www.bleepingcomputer.com/news/security/accenture-confirms-hack-after-lockbit-ransomware-data-leak-threats/

https://arstechnica.com/information-technology/2020/05/lockbit-the-new-ransomware-for-hire-a-sad-and-cautionary-tale/