There is a report that cybercriminals have breached the French Ministry of Justice‘s systems and are threatening to release the files the group stole. On their Tor-based leak website, attackers have claimed to have stolen files from the Ministry of Justice‘s systems with the ransomware named LockBit 2.0.
An investigation has been launched, according to the ministry’s press office. French justice ministers are aware of the alert and have taken immediate action to conduct necessary verifications, together with competent services in this field, according to a released statement.
Two weeks from now, on February 10, hackers state on their website that unspecified amounts of stolen personal information will be made public.
In a statement to SecurityWeek, cybersecurity researcher Anis suggests the government organization did not secure its BIG-IP instances. Anis claims it is possible that the attackers exploited CVE-2021-22986, an unauthenticated remote command execution vulnerability that F5 fixed in March.
A recent report from France’s Court of Audit revealed cybersecurity issues at the French Ministry of Justice, journalist Emile Marzolf noted on Twitter.
Previously, LockBit 2.0 operators have targeted Danish wind turbine maker Vestas as well as consulting giant Accenture. They have been known to leak data taken from victims who don’t pay a ransom.
As a result of a series of damaging attacks, governments all over the world have increased their efforts to combat ransomware.
Russian authorities have been taking action against citizens suspected of involvement in cybercrime in response to mounting pressure. Over a dozen people were arrested by the country’s FSB security agency recently, including several members of the REvil group. However, the group’s activities appear to be unaffected by the arrests.