Cybercriminals claim to have hacked into the Ministry of Justice’s networks and are threatening to make the material obtained from the government institution public. In a statement posted on their Tor-based leak website, threat actors employing the LockBit 2.0 ransomware have claimed to have stolen material from the Ministry of Justice’s servers. The press office of the ministry said that an inquiry had been initiated.
“The French Ministry of Justice is aware of the alert and has immediately taken actions to proceed to the needed verifications, in collaboration with the competent services in this field,” the statement reads.
The hackers claim on their website that an indefinite quantity of stolen information would be made public in two weeks, on February 10. According to cybersecurity researcher Anis Haboubi, the government entity failed to safeguard its BIG-IP instances. He believes that the attackers may have used CVE-2021-22986, an unauthenticated RCE vulnerability that F5 addressed in March 2021.
Following news of the incident, writer Emile Marzolf highlighted on Twitter that a new report from France’s Court of Audit disclosed cybersecurity issues at the Ministry of Justice. Earlier, LockBit 2.0 operators attacked Vestas, a Danish wind turbine manufacturer, and Accenture, a global consulting firm. Following a spate of severe attacks, authorities throughout the world have increased their efforts against ransomware operators.
As a result of the rising pressure, Russia has begun to take action against persons suspected of being involved in cybercrime. The country’s security service, FSB, recently reported the detention of more than a dozen persons suspected of being members of the REvil gang. The arrests, however, appear to have had little effect on REvil activities.