When you experience a breach, time is crucial. Our 24/7 Security Operations Center responds immediately with precision to eliminate the threat and restore operations.
Your organization has cybersecurity weaknesses and vulnerabilities you don’t yet even know about. They need to be found and found immediately. If you don’t someone else will.
LockBit Ransomware Attacks Accenture Using Alleged Insider
Chris Swagler | August 23rd, 2021
Accenture, a global IT consultancy company, was a recent target of an alleged ransomware cyberattack from the LockBit ransomware group. As one of the world’s largest tech consulting companies that is valued at $44.3 billion, Accenture provides IT services to various industries including automobiles, banks, government, technology, energy, telecoms, and much more.
LockBit Ransomware Target Accenture
According to BleepingComputer, the threat actors are threatening to publish the stolen data if Accenture refuses to pay the ransom as seen below:
Even though there is no evidence of the stolen data, the LockBit ransomware is attempting to sell said data to any interested parties. There are still no exact details on the cause of the breach when the breach occurred, and the scope of the breach.
Accenture explained they used a backup to recover the affected systems. They also stated, “Through our security controls and protocols, we identified irregular activity in one of our environments. We immediately contained the matter and isolated the affected servers. We fully restored our affected systems from backup. There was no impact on Accenture’s operations, or on our clients’ systems.”
The LockBit threat actors are claiming they were able to access Accenture’s network from a company “insider” stealing six terabytes of data and are now demanding a $50 million ransom. It was confirmed by Accenture that the LockBit ransomware targeted a CTI vendor and they are notifying their affected customers.
Whether the Lockbit ransomware was legitimately able to recruit an insider for access to Accenture’s network remains to be seen, but earlier this week, warnings were issued about their attempted recruiting of insider threats for millions in rewards if a breach proved successful.
Threat actors are always looking for creative ways to breach company networks. Understanding their motives is a quest in itself, but taking the proper steps to protect your organization and improve security posture removes the need for such understanding. Our team can investigate any suspicious activity and provide you with answers to properly assess the situation.
Our Security Operations Center provides companies with 24/7 protection against constant threats. With our Security Operations Center as a Service, our team of certified engineers is constantly watching your network regardless of whether the breach originated from within your business or if you want to increase security measures from outside threats.
Detecting threats early is vital for quick response. Our engineers work in tandem with ShadowSpear, our endpoint detection response tool, to block any threats from potentially harming your company. ShadowSpear offers direct communication with our engineers as well as a customized dashboard tracking threats in real-time.
If your company is experiencing a breach, call our Security Operations Center at 833.997.7327 to speak directly with an engineer.
View our articles that cover trending topics in cybersecurity with insights from our 24/7/365 Security Operations Center.
ShadowSpear Platform
Cybersecurity actors are working around the clock, shouldn’t your security team be too? Technology solutions and security controls fail for a number of reasons, poor deployment, improper implementation, or just no one monitoring the alerts.
ShadowSpear Demo
Experience ShadowSpear for yourself. Our lightweight, integrated solution will help you sleep easier at night and provide immediate confidence in your security posture.
