attacksimulator.com
Open in
urlscan Pro
94.130.135.206
Public Scan
URL:
https://attacksimulator.com/blog/ransomware-attack-hits-accenture/
Submission: On August 25 via api from GB
Submission: On August 25 via api from GB
Form analysis 1 forms found in the DOM
GET https://attacksimulator.com/
<form role="search" method="get" class="et_pb_searchform" action="https://attacksimulator.com/">
<div>
<label class="screen-reader-text" for="s">Search for:</label>
<input type="text" name="s" placeholder="Type to search " class="et_pb_s" style="height: 30px; padding-right: 55.9688px;">
<input type="hidden" name="et_pb_searchform_submit" value="et_search_proccess">
<input type="hidden" name="et_pb_include_posts" value="yes">
<input type="hidden" name="et_pb_include_pages" value="yes">
<input type="submit" value="Search" class="et_pb_searchsubmit" style="">
</div>
</form>Text Content
* GDPR
* Partner Network
* MSP Program
* Contact Us
* GDPR
* Partner Network
* MSP Program
* Contact Us
Search for:
* Follow
* Follow
* Follow
* Follow
Free Trial
* Cybersecurity Awareness
* Cybersecurity Training SolutionsCreate a culture of security in your
company with the advanced training tools of ATTACK Simulator.
* Phishing SimulationsRead about ATTACK Simulator’s practical strategy.
* Educational PlatformFind more details about our Educational Strategy
* Interactive Cybersecurity GamesWe’re working on a brand new Interactive
Strategy
* Use CasesFind out why is ATTACK Simulator the perfect fit for your
company
* Cybersecurity Compliance & CertificationsATTACK Simulator is an important
step in becoming security compliant
* Get StartedFind the right ATTACK Simulator plan for you
* Cybersecurity Awareness Training PlansDiscover our plans and the
fantastic features they pack
* Compare PlansCompare our plans feature by feature
* Help me chooseWe can help you find the best ATTACK Simulator plan for
your company
* Free Cybersecurity Awareness Training TrialTry ATTACK Simulator in a few
easy steps
* Why ATTACK Simulator?
* Resources
* Blog
* How To’s
* Glossary
* Goodies
* Security Newsletter
* Company
* About Us
* Contact Us
* Sign In
* Admin Panel
* Educational Portal
* Partners Portal
* Cybersecurity Awareness
* Cybersecurity Training SolutionsCreate a culture of security in your
company with the advanced training tools of ATTACK Simulator.
* Phishing SimulationsRead about ATTACK Simulator’s practical strategy.
* Educational PlatformFind more details about our Educational Strategy
* Interactive Cybersecurity GamesWe’re working on a brand new Interactive
Strategy
* Use CasesFind out why is ATTACK Simulator the perfect fit for your
company
* Cybersecurity Compliance & CertificationsATTACK Simulator is an important
step in becoming security compliant
* Get StartedFind the right ATTACK Simulator plan for you
* Cybersecurity Awareness Training PlansDiscover our plans and the
fantastic features they pack
* Compare PlansCompare our plans feature by feature
* Help me chooseWe can help you find the best ATTACK Simulator plan for
your company
* Free Cybersecurity Awareness Training TrialTry ATTACK Simulator in a few
easy steps
* Why ATTACK Simulator?
* Resources
* Blog
* How To’s
* Glossary
* Goodies
* Security Newsletter
* Company
* About Us
* Contact Us
* Sign In
* Admin Panel
* Educational Portal
* Partners Portal
JULY 30 RANSOMWARE ATTACK ON CONSULTING GROUP ACCENTURE, CONFIRMED
by Diana Panduru | August 14, 2021 | Cybersecurity News
Global consulting group Accenture reportedly confirmed on August 13 that
cybercriminals stole client data and work materials in a ransomware attack that
hit the company on July 30.
Table Of Contents
1. Backups Saved The Day After The Ransomware Attack
2. Was The Ransomware Attack An Inside Job?
3. Vulnerabilities Exploited?
CyberScoop quoted Accenture’s internal memo: “While the perpetrators were able
to acquire certain documents that reference a small number of clients and
certain work materials we had prepared for clients, none of the information is
of a highly sensitive nature.” The memo minimizes the actual impact of the
recent ransomware attack.
LockBit ransomware-as-a-service (RaaS) published the name and logo of Accenture,
one of its most recent victims, earlier this week.
Accenture works with a wide array of clients: 91 of the Fortune Global 100 and
over three-quarters of the Fortune Global 500. Heavy names are on that list,
including giants such as Alibaba, Cisco, and Google. Accenture is one of the
largest tech consultancy firms worldwide, with more than 550,000 employees in 50
countries.
LockBit put up for sale Accenture databases on its Dark Web site, not missing
the opportunity to add an acid comment on Accenture’s weak security.
> “These people are beyond privacy and security. I really hope that their
> services are better than what I saw as an insider. If you are interested in
> buying some databases, reach us.”
>
> LockBit post
LockBit dark-web site screen capture. Source: Cybereason.
When the ransom payment clock’s countdown reached the end, a data leak site
showed a folder that contained PDF files allegedly stolen from Accenture,
according to Security Affairs. The attackers announced that they were preparing
to leak the documents stolen from the company at 17:30:00 GMT.
LockBit countdown clock. Source: Cyble.
BACKUPS SAVED THE DAY AFTER THE RANSOMWARE ATTACK
“Through our security controls and protocols, we identified irregular activity
in one of our environments. We immediately contained the matter and isolated the
affected servers,” Accenture stated. “We fully restored our affected systems
from backup, and there was no impact on Accenture’s operations, or on our
clients’ systems.”
The LockBit cybercriminals group is similar to DarkSide and REvil: LockBit uses
an affiliate program to rent out its ransomware platform, demanding a share of
any resulting ransom payments.
“The wallpaper displayed on compromised systems now includes text inviting
insiders to help compromise systems – promising payouts of millions of dollars,”
Tony Bradley, Cybereason, wrote.
WAS THE RANSOMWARE ATTACK AN INSIDE JOB?
Cyble indicated in a Tweet that this might be an inside job. “We know #LockBit
#threatactor has been hiring corporate employees to gain access to their
targets’ networks,” the firm tweeted.
Cyble also reported that LockBit demanded $50 million in ransom. The attackers
claimed themselves that the ransomware attack was an insider job “by someone
who is still employed there.”
VULNERABILITIES EXPLOITED?
Ron Bradley, vice president of third-party risk-management firm Shared
Assessments, stated that the recent Accenture data leak incident is “a prime
example of the difference between business resiliency and business continuity.
Business resiliency is like being in a boxing match, you take a body blow but
can continue the fight. Business continuity comes into play when operations have
ceased or severely impaired and you have to make major efforts to recover.“
“This particular example with Accenture is interesting in the fact that it was a
known/published vulnerability,” Bradley continued. “It highlights the importance
of making sure systems are properly patched in a timely manner. The ability for
Accenture to manage the repercussions of potentially stolen data will be an
important lesson for many organizations going forward.”
Cybersecurity firm Vectra CEO Hitesh Sheth warned that all companies should
expect such attacks at any time.
“First reports suggest Accenture had data backup protocols in place and moved
quickly to isolate affected servers,” he told Threatpost on Wednesday. “It’s too
soon for an outside observer to assess damage. However, this is yet another
reminder to businesses to scrutinize security standards at their vendors,
partners, and providers. Every enterprise should expect attacks like this –
perhaps especially a global consulting firm with links to so many other
companies. It’s how you anticipate, plan for and recover from attacks that
counts.”
Ransomware’s no joke. Here, at ATTACK Simulator, we take it very seriously.
A painfully costly ransomware attack can happen at any time. Invest a small
amount today to protect your business’s tomorrow and possibly spare a fortune.
Get your quote for our comprehensive Security Awareness Training program here.
Sources:
ThreatPost threatpost.com/accenture-lockbit-ransomware-attack/
The Hill thehill.com/consulting-group-accenture-hit-by-cyberattack
BY DIANA PANDURU
Content writer for Attack Simulator. Passionate about all things writing and
cybersecurity, and obsessed with driving. I sometimes indulge in pencil drawing,
poetry, and cooking for fun.
CEO FRAUD SCAMS: 8 QUESTIONS TO HELP YOUR EMPLOYEES SPOT THEM
Aug 20, 2021
Understandably, every employee wants to look good in front of their boss and do
a good job at work...
ATTACK SIMULATOR – THE AUTOMATED CYBERSECURITY AWARENESS PLATFORM: 6 REASONS TO
CHOOSE US
Aug 14, 2021
As cyber threats never cease to evolve and increase in numbers, the need for an
automated...
RANSOMWARE ATTACKS: 9 TIPS TO PROTECT YOUR COMPANY
Aug 9, 2021
Ransomware attacks have been on the rise lately, as cybercriminals find them
profitable for a...
« Older Entries
THERE’S NO REASON TO POSTPONE TRAINING YOUR EMPLOYEES
Get a quote based on your organization’s needs and start building a strong cyber
security infrastructure today.
Get a quote
The Security Awareness Company
Platform
* Admin Panel
* Educational Platform
* Partner Portal
Resources
* Active Directory Integration
* Support
ATTACK SIMULATOR S.R.L.
J12/127/2021 | RO43550687
Gheorghe Doja Street, no. 31-33, Cluj, Romania
+40 765 432 109
info@attacksimulator.com
* Terms of Use
* Terms and Conditions
* Privacy Policy
* License Agreement
* Terms of Use
* Terms and Conditions
* Privacy Policy
* License Agreement
©2021 ATTACK Simulator. All rights reserved.