The Accenture logo is displayed at the Mobile World Congress (MWC) in Barcelona on February 26, 2019. – Phone makers will focus on foldable screens and the introduction of blazing fast 5G wireless networks at the world’s biggest mobile fair as they try to reverse a decline in sales of smartphones. (Photo by Pau Barrena / AFP)
August 11, 2021 by archyde
The public demand has emerged overnight and threatens to unveil the secrets of a global heavyweight in business consulting and the powerful. The LockBit cybercriminal gang has published on its site hosted on the DarkWeb the name and logo of one of its latest victims: Accenture, a multinational listed on the New York Stock Exchange.
“These people are beyond privacy and security. Hope their services are better than what I have seen inside. If you are interested in purchasing data sets, contact us ”proclaims the message that accompanies a very short ultimatum before the possible publication of data: this Wednesday at 5:30 pm (without specifying in which time zone).
Note that the pirates did not release a sample of their supposed loot to increase the pressure on their target.
Contacted by the Parisian-Today-in-France, the Irish company had not this Wednesday morning responded to our requests.
Blackmail on the publication of sensitive data
Accenture ends up on the claim site because the company has so far a priori refused to pay or is ignoring Lockbit’s extortion attempts. This group of hackers operates like “ransomware-as-a-service (RaaS)”, meaning that its leaders rent out the complete kit by subscription to attack a company.
A ransomware or “ransomware” in English corresponds to a malicious software which encrypts, to make completely unreadable, the data of a computer, a server or a network of a company. The extortion takes place in three stages. Once inside the computer system, the cybercriminals take care to extract and recover the most sensitive information, in order to have a negotiation lever, then activate their parasitic software which renders the victim’s system inoperable.
They will first try to sell the victim their data decryption key, the key to accessing it again. But if the target has a way to restore their backups and refuses to pay, they activate a second lever: the threat of publishing the siphoned data or reselling it to the highest bidder.