E.M.I.T. Aviation Consulting Ltd, an Israeli aerospace and defense company, was targeted by the LockBit 2.0 ransomware gang. Cyber attackers claim to have stolen information from the firm and threaten to release it on the gang’s dark web leak site if the firm does not pay a ransom.
E.M.I.T. Aviation Consulting Ltd came into existence in 1986. The firm has designed and assembled complete aircraft, tactical and sub-tactical UAV systems, and portable integrated reconnaissance systems.
According to the threat intelligence firm Cyble, the ransomware gang has stolen databases containing over 6TB of data and is asking a $50M ransom:
“The threatactors have alleged to gain databases of over 6TB and demanding $50M as a ransom. They also alleged that it’s an insider job, by someone who is still employed there (unlikely though).”
As per the latest information, the ransomware group has yet to share any files as proof of the attack, or reveal any other evidence of the attack, and its countdown will conclude on October 7, 2021. It is unknown how the threat actors gained access to the firm or when the security incident occurred.
LockBit 2.0, like many other ransomware attacks, has a ransomware-as-a-service model and has a network of affiliates.
The LockBit ransomware group has been functioning since September 2019, and the LockBit 2.0 RaaS was revealed in June.
After ransomware adverts were prohibited from hacker forums, the LockBit developers created their own leak site to promote the newest version and the LockBit 2.0 affiliate network.
During this time, the gang is highly active. Riviana, Anasia Group, Vlastuin Group, Peabody Properties, SCIS Air Security, DATA SPEED SRL, Wormington & Bollinger, Island independent buying group, Buffington Law Firm, Day Lewis, and dozens of other firms throughout the world are among the latest victims.
In August, the Australian Cyber Security Centre (ACSC) warned that LockBit 2.0 ransomware attacks against Australian companies have been rising since July 2021.