- LockBit, the ransomware as a service group, attacked the servers of IT solution firm Accenture.
- Accenture said they contained the attack and managed to recover from their backups.
- Reports show Accenture was not interested in paying any ransomware in exchange for the stolen funds
- $350 million have been paid to ransomware attackers in 2020.
As the new era saying goes, digital data is the new gold. Cybercrimes have increased by 64.9% since 2019, according to a 2020 Internet Crime Report issued by the FBI, noting a ransomware increase. Additionally, Bitcoin has gained media attention for being a vehicle for ransomware hackers to request payment, a method also utilized in the past.
Ransomware As A Service Bites Back
Accenture, a renowned consulting firm with a client base from Fortune’s Top 100 companies, including Alibaba, Cisco, and Google, was the subject of a ransomware attack. Targeted by ransomware as a service group, LockBit, part of Accenture’s database, has been compromised, the group reported on the DarkWeb site.
“These people are beyond privacy and security. I really hope that their services are better than what I saw as an insider. If you are interested in buying some databases, reach us."
—LockBit site post.
In exchange for not leaking their files, LockBit requested a ransom, which BeforeCrypt estimated at roughly $33,000 in BTC. While the requested number was reported at $50 million, Accenture released a statement indicating they were not inclined to pay the fees, revealing the company “contained the matter and isolated the affected servers.” According to Security Affairs, it is not yet clear how the bad actors breached the servers. Still, Accenture spokesperson Stacey Jones noted that there were no immediate repercussions on the daily transactions.
Although Accenture acknowledged no immediate issues were reported, and operations were resumed through a backup, LockBit published roughly 2,384 files, indicating a breach. Yet, the amount of sensitive information released is still unknown. Cybersecurity researchers Cyble suggest the attack could be the result of an inside job due to evidence showing LockBit has used “corporate employees to gain restricted access.”
On The Flipside
- Ransomeware has grown as more people that lack digital skills use the internet and become susceptible to attacks.
- Privacy coins such as Monero and Zcash don’t get such bad publicity as Bitcoin during a high-level ransomware attack.
- Ransomware will end when people will stop paying the ransom.
Bitcoin Aids Illicit Activities
An attack on a Fortune 500 company such as Accenture is worrisome for the health of global data security. Ron Bradley, VP at Shared Assessments, emphasized that the case serves as a lesson for many companies on managing their security protocols, with Michael Goldstein, CEO of LAN Infotech, underscoring a call for companies to strengthen and review their protocols.
While the current hack did not entirely place Bitcoin at the forefront of the discussion, Accenture is an insignificant company compared to Colonial Pipeline, which directly affected regular people. However, prosecutors and FBI agents could recover “part” of the funds paid to Darkside, indicating that Bitcoin payments are not as anonymous as once perceived.
As argued by Daniel Schiappa, the mediatization of ransomware success creates a vicious circle that could lead to more hacking events in the future. According to data from Chainanalysis, by May 2021, ransomware attackers stole or received over $81 million; this could potentially grow as crypto’s anonymity is negotiated. Moreover, FireEye’s CEO claimed the growth of ransomware attacks had been related to the increase in cryptocurrency popularity.
Why You Should Care?
Ransomeware is not only targeting large enterprises with employees spread out across the globe. In addition, they can target regular individuals and it is essential to know not to click on any suspicious links and approach every online interaction with skepticism.