January 23, 2024 at 03:56PM
Subway is investigating claims by the LockBit 3.0 ransomware gang that they’ve breached the company’s internal system and plan to sell the data unless a ransom is paid. This potential shift in LockBit’s targets raises concerns, as they typically focus on midsize or small companies. Experts recommend implementing robust cybersecurity measures to defend against such attacks.
From the meeting notes, it’s clear that there are serious concerns about Subway’s infrastructure being compromised by the LockBit 3.0 ransomware gang. LockBit claims to have obtained sensitive data from Subway’s internal systems and threatens to sell it if the ransom is not paid by February 2. Subway has acknowledged the claims and is actively investigating the situation.
The Black Kite cybersecurity firm notes that LockBit’s recent targeting of Subway is unusual, as their typical targets are companies with around $100 million in revenue. This suggests a shift in the gang’s modus operandi, potentially due to the opportunities presented by larger enterprises with significant attack surfaces and potential vulnerabilities.
Statistics from Black Kite and ZeroFox suggest that LockBit has been a significant player in the ransomware market, with a sizable share of global attacks last year. ZeroFox has recommended several best practices for defending against LockBit and similar ransomware attacks, including implementing secure password policies, multifactor authentication, ongoing monitoring for compromised credentials, and regular data backups.
It’s crucial for Subway to take these recommendations into consideration as the company continues to investigate and respond to the ransomware threat. Implementing robust security measures and ensuring prompt patching and updates will be essential in safeguarding Subway’s systems and data.