The finance state secretary of Rio de Janeiro confirmed that they dealt with the LockBit ransomware attack last week. Reports said that the ransomware group claimed to have targeted the systems connected to the Brazilian government, resulting in the loss of 420GB worth of data. The group intends to leak the stolen data in the coming days if the government does not cooperate.
According to the spokesperson of the State Secretary, they have already reached out to law enforcement agencies in Brazil after they were threatened by the LockBit group, who compromised their systems.
In addition, the threat actors asked for payment last Thursday and stated that they did not want the affected agency to disclose the amount. The stolen data is from Sefaz-Rj systems, which allegedly correspond to 0.05% of the data stored within the government.
Rio de Janeiro follows Sao Paulo in having the largest GDP of any major city in Brazil. It is also the location of several state-owned firms, including Eletrobras, Caixa, Econômica Federal, Petrobras, and National Economic and Social Development Bank & Vale.
The more attractive aspect of Rio de Janeiro for cybercriminals is that its economy ranks 30% in terms of GDP among all cities worldwide.
The secretary stated that they had contacted a third-party cybersecurity firm to help them fix the current issue caused by the LockBit ransomware group.
Based on reports, LockBit’s attack will be addressed by a cybersecurity firm that will focus on strengthening the agency’s information security.
A ransomware tracker from separate researchers indicated that the LockBit ransomware was the second most active ransomware group this year. According to the tracker, they have conducted a cyberattack against approximately 650 organisations in quarter one of 2022.
The threat group has been active since early September of 2019 and became an alarming entity, which became more threatening after they developed their new RaaS called LockBit version 2.
Since its significant competitors were out, such as REvil and Avaddon, LockBit has become the most seen and used Ransomware-as-a-Service platform.
